wechat-official-account

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows it calls the WeChat MP API (e.g., draft/get, freepublish/batchget, user/info endpoints on api.weixin.qq.com) to fetch drafts, published articles and follower data — all user-generated/untrusted content that the agent is expected to read and can influence actions like updating or publishing drafts.