stale-detector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly calls yuque_list_docs and yuque_get_doc to fetch and read user-generated documents from a Yuque knowledge base (third‑party content) and then uses that content to classify staleness and drive update/archive recommendations, so untrusted document content can influence agent decisions.