baoyu-post-to-weibo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts explicitly open and interact with public Weibo pages (https://weibo.com and https://card.weibo.com/article/v3/editor) and execute DOM/Runtime evaluations that read page text/innerText (e.g., checking for the "写文章" button, editor content length, placeholders, and image counts) to decide clicks, pastes, and uploads, so untrusted, user-generated web content can influence tool actions.