qq-zone-photo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow and script (scripts/qzone_photos.py) call public QQ Zone endpoints (e.g., photo.qzone.qq.com, up.qzone.qq.com, ssl.ptlogin2.qq.com) and parse user-generated album/photo metadata, descriptions and URLs which the agent reads and uses to choose/list/download/upload content, so untrusted third‑party content can influence subsequent actions.