tencent-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and reads user-generated documents from Tencent Docs (e.g., search_space_file → get_content in SKILL.md and references/api_references.md and smartcanvas.get_page_info in references/smartcanvas_references.md), and those third-party document contents are used in workflows that drive subsequent actions (search/read → update/append/delete), so untrusted content could inject instructions that materially influence agent behavior.