dianping-info-query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and references explicitly direct the agent to navigate to the public site https://www.dianping.com and use browser actions (e.g., readability/snapshot/search) to fetch and interpret user-generated reviews, comments, and tags from Dianping, which the agent reads and uses to drive its outputs and actions.