humanizer-cn

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary user-provided text ("当收到需要去AI化的文本时") and reads/rewrites that input (which can be copied from public websites, social media, or other untrusted sources), so the agent will interpret untrusted third‑party content at runtime and could be subject to indirect prompt injection.