aws-wechat-article-assets

Warn

Audited by Snyk on Apr 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads .aws ZIP bundles from third-party HTTPS URLs on aiworkskills.cn (see SKILL.md, "可选从 aiworkskills.cn 域下载 .aws 预设包" [optionally download .aws preset packages from the aiworkskills.cn domain], and scripts/import_presets_aws.py). It then extracts and merges the preset files and writing-spec.md into .aws-article/presets and prints config diffs to stdout for the agent to read. Because these files and config can be read by this skill and by companion skills, they can alter agent behavior, so untrusted remote content can indirectly inject instructions.

Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: Apr 26, 2026, 05:41 AM
  • Issues: 1