value-judge
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). Yes: the skill explicitly fetches and ingests content from user-provided URLs ("获取内容:从 URL 抓取或直接接收用户提供的内容" in SKILL.md, i.e. "Fetch content: scrape from a URL or directly receive user-provided content") and lists open/public sources such as medium.com, zhihu.com, github.com, youtube.com, and bilibili.com. These sources are untrusted and user-generated, and their content will be read and interpreted as part of the skill's evaluation workflow.
Audit Metadata