smart-summary

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md Step 3 "Fetch Content") explicitly calls MPC tools like yuque_get_doc / yuque_get_toc to read content from public Yuque URLs (https://www.yuque.com/{namespace}/{slug}), which are user-generated/untrusted pages that the agent must read and whose content is used to decide what to summarize and how to act.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill uses the yuque_get_doc / yuque_get_toc / yuque_list_docs tools at runtime to fetch arbitrary documents from https://www.yuque.com/{namespace}/{slug}, and that fetched content is injected into the model context to directly control the agent's outputs (summary generation).