temu-store-query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill calls a public EHunt Temu store data API via the Nexscope proxy (POST /api/v1/tools/linkfox/ehunt/temu/storeQuery), and the returned stores[] fields (e.g., storeName, categoriesCn/categories) are ingested into the agent’s LLM context as part of the tool result—this is outsider-authored free text from an external data provider.