book-skill-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the SKILL.md workflow explicitly includes a "网络搜索与最佳实践提取" step and shows calling scripts/web_searcher.py to search and extract content from public websites (e.g., "{tech} best practices", blogs, online docs), meaning untrusted third‑party/user‑generated content would be ingested and used to generate templates and drive subsequent actions.