writing-clone-starter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime reading order and profile assets explicitly require consuming third‑party clippings stored under 02_素材库/writing-clone-starter-material-library (see built-in profiles' raw-corpus/README.md and held-out-set.md which list external URLs like justinwelsh.me and news/podcast links) and the asset-audit notes using a "web-clipper" to fetch public WeChat/articles, so the agent is expected to ingest untrusted public web content as part of its workflow.