wechat-publisher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts and processes arbitrary network resources — e.g., frontmatter/network images like "cover: https://example.com/cover.jpg" (SKILL.md, example.md) and allows installing themes from remote URLs ("wenyan theme --add --path https://example.com/theme.css" in references/themes.md), which the tool/wenyan-cli will fetch and incorporate into the publish workflow, so it ingests untrusted third‑party content.