file-reference

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly supports parsing URL/network references and the examples (references/examples.md, e.g., "示例 3: 解析URL引用" and "示例 4: 解析混合引用") indicate fetching web resources (suggesting use of a WebFetch tool) so the agent can ingest arbitrary public URLs and their user-provided content.