md2wechat

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches remote, user-specified URLs and provider/prompt metadata as part of its workflow (e.g., "md2wechat download_and_upload https://example.com/image.jpg" and "May download remote images when asked" plus instructions to run "md2wechat providers/prompts show --json" and to prefer prompt metadata), which means untrusted third‑party content can be ingested and can materially influence provider/prompt selection and generation behavior.