designkit-ecommerce-product-kit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly asks the user to "提供 URL/路径" for the product image (Step 1) and then "根据商品图自动生成一段核心卖点" (Step 2), which indicates the agent will fetch and interpret arbitrary user-supplied public URLs/images (untrusted third-party content) that can materially influence subsequent decisions and tool calls.