Geek-skills-wechat-article-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires fetching user-provided website links via web_fetch and performing web searches of open public sources (e.g., GitHub, StackOverflow, 知乎, V2EX) as part of its mandatory content-research workflow, so untrusted third-party content can be ingested and influence generation.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly calls web_fetch to retrieve arbitrary user-provided website URLs at runtime (i.e. web_fetch(<user_provided_URL>)), and that fetched content is injected into the model context to directly control prompt/input for article generation.