pw-post-to-wechat

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's md-to-wechat.ts explicitly downloads remote images referenced by markdown (downloadFile/resolveImagePath for http(s) URLs) and the PlantUML extension (fetchSvgContent) fetches SVGs from external PlantUML servers, so the agent ingests and processes arbitrary untrusted third‑party URLs as part of its publishing workflow.