a-share-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to "Use web search" and to gather data from public third‑party sites (e.g., eastmoney.com, xueqiu.com, finance.sina.com.cn, cninfo.com.cn), including user-generated/social content like Xueqiu, which the agent is expected to read and interpret as part of its analysis, exposing it to potential indirect prompt injection.