baoyu-post-to-weibo

Warn

Audited by Snyk on Mar 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's md-to-html.ts explicitly downloads HTTPS resources from arbitrary URLs (downloadFile in scripts/md-to-html.ts) and scripts/weibo-article.ts then inserts the generated HTML and drives image-selection/paste/upload actions based on that content (placeholders and image counts), so untrusted third-party content is fetched and can materially influence automated tool behavior.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 09:46 PM