shidianguji-fetcher
Warn
Audited by Snyk on May 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). This skill directly fetches and parses public pages and search results. For example, SKILL.md's "方案 A" (Option A) uses external search engines, and scripts/runtime-lib.js calls fetchText, parseSearchHtml, parseChapterLinksFromHtml, and extractChapterContentFromHtml against https://www.shidianguji.com and sitemap URLs. The contents of those untrusted third-party pages are interpreted to discover chapters, choose candidates, and drive downloads and exports, so external content can materially influence the agent's decisions and actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).