industry-news-tracker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — SKILL.md explicitly requires "多数据源抓取" and "使用 web_fetch 抓取详细页面" from public sites listed in the Data Sources table (e.g., https://www.gongkong.com/, https://www.iteschina.com/, https://www.c-fol.net/), so the agent will ingest untrusted third‑party web content and act on it to generate reports.