last30days-cn

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — the skill explicitly fetches and scrapes public, user-generated content from platforms like Weibo, 小红书, B站, 知乎, 抖音 and general web pages (see SKILL.md and README) via modules such as scripts/lib/crawler_bridge.py and public-search code in scripts/lib/baidu.py called from scripts/last30days.py, and that untrusted content is parsed and used to generate reports that drive the agent's decisions, enabling indirect prompt injection.