article-translator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly requires fetching and rendering arbitrary article URLs using Playwright or WebFetch (see the "获取文章正文" steps that call mcp__plugin_playwright_playwright__browser_navigate and the backup WebFetch/URL inputs), so the agent ingests untrusted public web content (and images) as part of its workflow which could carry embedded instructions influencing its actions.