warren-buffett

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Agentic Protocol (see SKILL.md Step 2: "如果用户没有，使用WebSearch" and example responses like "[WebSearch执行中...]") instructs the agent to fetch and interpret live web/search results from public sites to obtain company data that directly drives analyses, buy/sell guidance and follow-up actions, thereby exposing the agent to untrusted third‑party content that could carry indirect prompt injections.