juejin-auto-checkin
Warn
Audited by Snyk on Apr 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's Playwright automation (scripts/juejin_auto.py and scripts/debug_page.py) explicitly navigates to https://juejin.cn (SIGNIN_URL/LOTTERY_URL), reads DOM and text via page.content(), page.evaluate() and document.body.innerText, and uses those results to decide clicks and follow-up actions (sign-in, lottery). It therefore ingests untrusted public website content that can materially influence its behavior.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata