whetstone

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly asks for and ingests user-supplied original texts or links ("请提供原文（或链接 + 正文）") and even names public sources (e.g., "InfoQ 文章、X 长文、博客"), so it will read and interpret untrusted third‑party content provided at runtime.