weixin-channels-publish

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill automates a browser against the public Weixin Channels site (channels.weixin.qq.com) and explicitly snapshots/reads page content (login iframe/QR code, element text like "二维码已过期", input[type="file"], progress elements) as part of its required workflow in SKILL.md, so untrusted third-party page content is ingested and used to decide actions.