wechat-mp-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's collect_sources.py explicitly fetches arbitrary public URLs via --source-url (scripts/collect_sources.py and examples in SKILL.md/docs), and that fetched, untrusted web content is merged into the article bundle which plan_images.py and run_pipeline.py use to build prompts and drive external tools (image generation, upload, draft/publish), so third-party pages can materially influence prompts and subsequent tool actions.