tushare-plugin-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly requires a user-provided Tushare documentation URL and instructs the agent to fetch/parse that third-party webpage content (see "收集必要输入" and "从文档提取 API 规格" steps), so untrusted external page content would be read and used to generate code and runtime actions.