wechat2md

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public WeChat articles and album pages from mp.weixin.qq.com as part of its main workflow (see SKILL.md and tools/wechat2md.py / tools/album.py), parsing untrusted, user-generated HTML which the tool uses to drive actions (article selection, image downloads, filename/slug generation and skip/retry logic), so third-party content can materially influence behavior and pose an indirect prompt-injection risk.