alibabacloud-ddoscoo-intercept-query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses untrusted, user-generated request data from third-party SLS full logs (via "aliyun sls get-logs" in SKILL.md Step 3 and scripts/get_ddos_logs.py) and then uses fields like cc_phase/last_owner/request_uri to decide follow-on rule queries and actions, so external log content can materially influence agent behavior.