baoyu-post-to-x

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's md-to-html.ts (and references/articles.md) automatically downloads remote images from arbitrary http/https URLs referenced in user-provided Markdown (downloadFile/resolveImagePath), and those fetched resources are incorporated into the generated HTML that the agent pastes into X, so the agent consumes untrusted third‑party content.