docs-workflows

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows (e.g., references/add_article_tutorial.md, references/add_video_tutorial.md and references/add_aiide.md) explicitly instruct the agent to browse and scrape public third‑party sites (Juejin, Bilibili, IDE official websites) and to parse and act on article/video/icon content (metadata, thumbnails, icons) as part of its normal operation, which exposes it to untrusted user-generated web content that could carry indirect prompt-injection instructions.