concept-board-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow and references (references/data-queries.md and references/methodology.md) direct running shared scripts and tool views that fetch/scrape real-time and historical data from public third‑party sites (东方财富, 同花顺, AKShare/web scraping), which the agent ingests and uses to drive analysis and decisions, exposing it to untrusted external content that could carry indirect prompt-injection risks.