youmind-wechat-article

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests open web and user-generated content (e.g., Step 2 "fetch_hotspots.py" pulling Weibo/Toutiao/Baidu trends, SKILL.md Step 1.5 and references/openapi-document.md createMaterialByUrl / webSearch / youmind web-search) and then instructs the agent to read that knowledge_context and use it in topic selection and article writing (references/pipeline.md Step 1.5 and Step 4), so untrusted third‑party content is read and can materially influence decisions and actions.