alibabacloud-waf-checkresponse-intercept-query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly queries and ingests user-generated WAF/SLS logs (see "Step 3: Query SLS Logs" in SKILL.md and scripts/get_waf_logs.py which calls "aliyun sls get-logs"), parses fields like request_uri, final_plugin and rule_id, and then uses those extracted values to drive subsequent DescribeDefenseRule/ModifyDefenseRuleStatus calls, so untrusted third‑party log content is read and can materially influence actions.