vchart-development-assistant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md explicitly instructs (under "通用查询策略" / "在线资源（补充）") that when the local knowledge base is insufficient the agent should consult public online resources — including official docs and GitHub (e.g., "Issue 搜索: https://github.com/VisActor/VChart/issues") — meaning the agent will fetch and interpret open/public, user-generated content that can influence its generated code and actions.