event-driven-detector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — the skill's SKILL.md and references/data-queries.md explicitly direct running ../findata-toolkit-cn/scripts/ (e.g., views like stock_zh_a_hist and stock_bid_ask_em that pull public A‑share data from third‑party sites such as 东方财富/EastMoney), meaning the agent will ingest and act on live public third‑party content as part of its workflow.