afa-creative

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires ingesting and using external public site and social media content—e.g., the Context Matrix lists store_url ("用于核对素材承接页") and the Brand Kit template notes "品牌网站 URL（用于提取视觉风格）" and Mode 1 Step 1 requires collecting "网站截图、社交媒体、产品图"—which the agent must read and use to drive prompts and creative decisions, exposing it to untrusted third‑party content.