document-hub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md Integration Example and related code show it calling a content extractor on an arbitrary public URL (e.g., content_extractor.extract("https://mp.weixin.qq.com/s/xxx")) and the from_feishu flow uses url_to_md to fetch remote Feishu wiki pages, which means the agent ingests untrusted, user-generated web content and uses that content to generate documents and drive subsequent actions.