csp

Warn

Audited by Snyk on Jun 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

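  • Third-party content exposure detected (high risk: 0.85). The skill's runtime flow uses local scripts (such as scripts/source_search.py, scripts/moegirl_api.py) to fetch and extract public web page or wiki content at runtime (e.g., the Moegirl MediaWiki API, Fandom/Wikipedia, etc.). Once converted to readable text, this content is written into the research files and ultimately enters the LLM context, where it is used for distillation and generation.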

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). This repo explicitly runs local scripts at runtime that fetch external content (e.g., python scripts/moegirl_api.py which queries Moegirl at https://zh.moegirl.org.cn and the source discovery that pulls pages like https://anime.bang-dream.com/..., bandori.fandom.com, bestdori.com) and the install/usage notes also instruct cloning/executing code from the GitHub repo (https://github.com/qian-gugugaga/Character_Skill_Producer), so external URLs are fetched during skill runtime and their contents directly influence/drive the agent’s prompts and behavior.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Jun 6, 2026, 10:10 PM
Issues: 2
Security Audit — snyk — csp