analyze-tech

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Phase 1 and Phase 2 instructions explicitly require performing multiple WebSearches and WebFetch visits to external pages (e.g., "执行 4–6 次 WebSearch...使用 WebFetch 访问至少 1 个官方页面" in Phase 1 and similar per-Agent WebFetch requirements in Phase 2), meaning the agent will fetch and interpret untrusted public web content which can directly influence subsequent tool use and generation of the final report.