hotspot-collector

Warn

Audited by Snyk on Feb 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). Yes: SKILL.md explicitly instructs the agent to fetch and aggregate content from open/public, user-generated sources (see "3.1 国际信源" [international sources] listing Twitter/X, Hacker News, Product Hunt, GitHub Trending and "3.2 中文信源" [Chinese-language sources] listing 即刻 (Jike), 微信公众号 (WeChat Official Accounts), 微博 (Weibo), 知乎 (Zhihu)) and the execution steps ("并行搜索上述信源" [search the above sources in parallel]) require reading and acting on that third-party content, which could carry indirect prompt injection.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 21, 2026, 01:06 PM