wechat-10w-hot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow runs scripts/fetch_hot_articles.py which POSTs to the external API https://onetotenvip.com/skill/cozeSkill/getWxDataByCategoryAndTime and writes/prints public WeChat article data (titles, summaries, oriUrl) that the SKILL.md mandates the Agent to display verbatim and to base the subsequent "爆款规律分析" and HTML generation on, exposing the agent to untrusted, user-generated third‑party content that can influence actions.