linkfox-zhihuiya-patent-image-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls the external LinkFox/Zhihuiya API (https://tool-gateway.linkfox.com/zhihuiya/patentImageSearch) and ingests/prints returned patent titles, abstracts, full descriptions and image URLs as part of its required workflow (see SKILL.md "API Usage" / "Display Rules" and scripts/zhihuiya_patent_image_search.py), so it consumes public third‑party content that can materially influence ranking/decisions and could carry injected instructions.