cjournal-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Phase 2 explicitly instructs the agent to navigate to and scrape CNKI journal pages (navigate_page → https://navi.cnki.net/knavi/journals/{CODE}/detail), extract article titles, abstracts and keywords (with a WebSearch fallback) and then feed that externally fetched content into the analysis script and report generation, so untrusted third‑party webpage content directly influences decisions and outputs.