wfdata-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly calls the public Wanfang Data API (Base URL https://api.wanfangdata.com.cn as shown in references/api-catalog.md) and its scripts (scripts/wf_data_query.py, scripts/wf_data_vector_search.py, scripts/wf_data_get_doc.py) fetch document/full-text/results that the SKILL.md workflow instructs the agent to read and use to decide next actions, exposing it to untrusted third‑party content that could carry indirect prompt-injection payloads.