wechat-article-fetcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's core workflow (SKILL.md and scripts like scripts/fetch.py and examples/fetch_wechat_article.py) fetches and scrapes arbitrary public WeChat article URLs (mp.weixin.qq.com), extracts and interprets article text/images as part of its processing, which exposes the agent to untrusted, user-generated third-party content that could carry embedded instructions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (low risk: 0.30). The skill is primarily a user-space web-scraping tool, but its troubleshooting section explicitly instructs running a sudo apt install command to add system libraries (requires elevated privileges and modifies system state), so it does push use of privileged system changes.