general-writing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — the workflow's "阶段 1：素材收集" explicitly instructs calling external tools (e.g., 深度研究 via .claude/skills/deep-research/scripts/research.py and 图片搜索 via .claude/skills/image-search/scripts/image_search.py) to fetch background articles and images from the web, which are untrusted third‑party content that the agent ingests and uses in writing.