content-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the skill explicitly requires reading "原始参考资料（必须）：用于对比核查的 URL、PDF、源文档" and instructs the agent to "仔细阅读‘原始参考资料’" (SKILL.md 接收信息 / 工作流程), so it ingests untrusted third‑party URLs/PDFs as evidence which can materially influence its fact‑checking behavior and tool use.