data-query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill makes runtime requests to external, public APIs (e.g., https://60s.viki.moe/v2/baike, /v2/today-in-history, and other https://60s.viki.moe/v2/* endpoints) and directly ingests and displays returned third‑party content (encyclopedia entries, historical events, summaries), which could contain untrusted or user‑generated text able to perform indirect prompt injection.