1688-ranking

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime code (scripts/ranking.py, scripts/category.py, scripts/auto_category.py and scripts/auth.py) explicitly fetches data from the public 1688 APIs (URLs in SKILL.md and the code like https://gw.open.1688.com/...), consumes user-generated marketplace content (titles, keywords, category listings) and uses those responses to drive outputs and follow-up actions (e.g., auto-selecting category IDs and issuing subsequent queries), so untrusted third‑party content can materially influence behavior.