51mee-resume-parse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads user-uploaded resume files ("读取文件
• 用户上传简历时，读取文件内容" in SKILL.md) and injects the extracted resume text into the model prompt template for analysis, so arbitrary user-supplied/untrusted content can be interpreted by the agent and could carry indirect prompt-injection instructions.