enterprise-ai-scenario-map

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory Phase 1 deep-research workflow (SKILL.md — 阶段1 步骤1.2/1.3) and the scripts/deep_research_wrapper.py explicitly require the agent to perform web-searches of public websites and ingest company/industry cases from open sources, which the agent must read and use to drive analysis and report generation—exposing it to untrusted third‑party content that can materially influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The README instructs cloning and running remote code (git clone https://github.com/YuanziAI/enterprise-ai-scenario-map.git followed by python scripts/deep_research_wrapper.py), which fetches and executes repository code required for the skill runtime, so the external GitHub URL is a runtime dependency that executes remote code.