fucai3d-latest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to use the browser tool to visit https://www.baidu.com, search "福彩3d", read and parse the Baidu results card and first-result pages (and fall back to other public sites), which means the agent will fetch and act on open/public third‑party webpage content that can influence updates and subsequent tool actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to execute local commands that write and modify files under /var/minis/shared (update history, bundle outputs), which alters the host filesystem and therefore pushes the agent to change the machine state.