learn-anything-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Source Strategy in SKILL.md and references/source-strategy.md explicitly directs the agent to "主动查找官方文档、原始资料...高质量最佳实践" when the user provides no materials, i.e., to fetch and read public third‑party web sources as part of its workflow, which could allow indirect prompt injection.