aios-jimeng-image-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly navigates to and scrapes content from the public site https://jimeng.jianying.com (SKILL.md steps 1–3) using page.extract_text / page.get_html and then uses that extracted text to detect policy rejections, completion, and decide retries/next actions, thereby ingesting untrusted third-party content that could influence behavior.