onboarding-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls yuque_list_repos, yuque_get_toc, and yuque_get_doc to fetch and read user-authored Yuque knowledge base content (team/public docs), and it uses that content to classify, prioritize, and generate onboarding guides—so untrusted third-party documents can influence agent actions.