job-hunt-fetcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly requires ingesting user-provided screenshots of public job platforms (e.g., Boss直聘, 智联招聘, 前程无忧, 猎聘, etc.) and mandates the agent read and parse their text to extract fields and drive branching/next actions (asking for missing titles, merge vs separate, and file creation), so untrusted third-party content could influence behavior.