ljg-book

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — the SKILL.md "怎么找材料" section explicitly instructs: "先 WebSearch / WebFetch 找作者、导言、目录、核心论点的二手解读", which requires fetching and interpreting open/public web pages (untrusted third‑party content) as part of the workflow and thus could allow indirect prompt injection.