wechat-article-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill automatically fetches and scrapes public WeChat article pages and mirror aggregator sites (mp.weixin.qq.com and mirrors like 53ai.com, mp.ofweek.com, juejin.cn, woshipm.com, 36kr.com) and directly reads and interprets that untrusted third-party HTML to extract content, metadata, and to drive workflow decisions (success checks, mirror selection, and fallback), which exposes the agent to potential indirect prompt injection.