wjs-polishing-x-engagement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.78). 该 skill 的运行时流程要求用 web_search/image_search 联网抓取“真事实/事实来源”与可能的图片，并把抓取到的网页文本（如年份、数字、说明性内容）用于生成推文与“事实来源”说明，因此存在来自 OUTSIDER（公共网页内容）的自由文本进入 LLM 上下文的间接提示注入风险。

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

• Hidden Unicode characters detected (1 type(s) found)