create-yourself

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime workflow (see SKILL.md Step 2 "原材料导入" / "Source Material Import" and the tools directory) explicitly ingests user-supplied and social-media/chat exports (e.g., tools/wechat_parser.py, tools/qq_parser.py, tools/social_parser.py, tools/photo_analyzer.py) and uses that untrusted, user-generated third‑party content to build Persona/Self Memory which directly alters agent behavior—creating a clear vector for indirect prompt injection.