writing-clone-profile

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory runtime context-collection workflow (Phase 0.5) explicitly includes "WebSearch 联网调研（按需触发）" and requires web-sourced items (source_type: web, source_path_or_id: https://...) to be ingested into the Context Packet that the agent must read and use for later decisions, so it clearly fetches and acts on untrusted public web content (SKILL.md Phase 0.5 / Context Packet requirements).