homepage-info-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly crawls and ingests public third-party websites (official external domains) as part of its runtime workflow—e.g., "使用 Playwright MCP 访问官网...递归访问所有高概率内部页面" and "site: <关键词> 的 Google 搜索补充官网内部页面线索" in SKILL.md—so untrusted external page content is fetched and interpreted to drive extraction and subsequent actions.