book-skill-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — the skill's required workflows (SKILL.md and references/web-analysis-flow.md and references/document-analysis-flow.md) explicitly instruct using WebFetch/Read and search on user-provided website URLs (e.g., "网站内容读取
• 获取 URL，读取内容" and examples like https://vuejs.org) so the agent will fetch and interpret open/public third‑party web content which can directly influence planning and subsequent actions.