fx

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill requires fetching and citing live data from public third-party websites (e.g., pbc.gov.cn, bank websites like boc.cn, and other "large market/financial data platforms" or user-supplied URLs) and explicitly instructs the agent to read the source page and local update time, which exposes it to untrusted/public web content that could carry indirect prompt injections.