yuandian-law-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly queries the public 元典开放平台 (open.chineselaw.com) APIs (e.g., /open/law_vector_search, /open/case_vector_search, /open/rh_ptal_search, /open/hall_detect) as implemented in scripts/yd_search.py and described in SKILL.md/references, ingests returned law, case, and enterprise texts (third‑party content) and uses those results to drive analysis and subsequent actions (e.g., selecting case-detail calls), so untrusted external content can materially influence agent behavior.