article-poster-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow (Step 1: "链接：用 curl 或浏览器抓取网页正文") and README examples show the agent will fetch and ingest arbitrary public URLs and webpages provided by users, then analyze that untrusted content to drive layout/JSON generation and subsequent actions, which could enable indirect prompt injection.