fengtang-perspective

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md's "Step 2: 冯唐式研究" explicitly mandates using tools (WebSearch etc.) to fetch and ingest public third‑party content (industry data, company news, interviews, B站/video platforms and other public websites) which the agent must read and use to inform decisions and follow‑up actions, thus exposing it to untrusted web content.