feynman-perspective

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly mandates in "Step 2: 费曼式研究" that the agent "必须使用工具（WebSearch等）获取真实信息" and to search public papers/sites/independent reviews, and those fetched third‑party results are required input for the agent's facts and subsequent decisions, so untrusted web content could materially influence behavior and enable indirect prompt injection.