drawnote-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly uses a WebSearch tool during the "内容准备阶段" ("If user only provides keywords... use WebSearch 工具搜索相关信息") and then extracts and integrates those open-web search results into the generated infographic, which means it fetches untrusted public web content and the agent reads/interprets it as part of its workflow.