yuque-lakebook-export
Warn
Audited by Snyk on Apr 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill unpacks and parses user-provided Yuque .lakebook files (see lake_setup.load_meta_json and MyParser using body_draft_asl in lake_handle.py) and then performs HTTP fetches of arbitrary resource URLs extracted from that content (download_resource in lake_handle.py calls requests.get(request_url)), meaning untrusted, user-generated content directly controls network fetches the tool will perform.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).