ali1688-sourcing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and scrapes public, user-generated marketplace pages on 1688.com (see SKILL.md "数据来源" and the WebFetch/search examples) and scripts/scrape_1688.py parses that untrusted third‑party content into pricing and sourcing recommendations that directly influence downstream decisions and actions, creating a clear risk of indirect prompt injection.