general-writing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the workflow in "阶段 1：素材收集" explicitly calls external collection scripts (e.g., .claude/skills/deep-research/scripts/research.py and image-search/scripts/image_search.py) to fetch background research and images from external sources, which the agent then ingests and uses to drive writing decisions, exposing it to untrusted third-party content.