deep-research
Fail
Audited by Snyk on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
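- Suspicious download URL detected (high risk: 0.75). These links contain placeholder/unknown domains (https://xxx cannot be resolved) and a GitHub path that names no specific repository (https://github.com/xxx), while the skill requires downloading/executing files: when the source, signature, publisher, or repository reputation cannot be verified, this combination is highly suspicious and could be used to distribute malicious executables; example.com is itself an example domain, but that does not prove the actual content is safe.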
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and ingests content from user-provided URLs using "webfetch" and performs web searches via the Task tool that pull community discussions, GitHub repos and public web pages, so it clearly consumes untrusted public third-party content.
Audit Metadata