personal-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md Step 2 and Step 4) calls yuque_search and yuque_get_doc to fetch and read user-generated documents from the third-party Yuque service, which the agent ingests and uses to synthesize answers and drive next actions, allowing arbitrary document content to influence behavior.