tushare

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and references/数据接口.md explicitly instruct pulling and interpreting public third‑party content (e.g., news, announcements, research_report, anns_d, irm_qa_sh/irm_qa_sz) via Tushare APIs and using those texts to drive analysis and next actions, which exposes the agent to untrusted external content that could carry indirect prompt injection.