pdf-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "HTML to PDF Conversion" workflow explicitly says to "Navigate to HTML content or URL" and to convert HTML/web pages to PDF, which means it fetches and ingests arbitrary public web pages/PDFs (untrusted third-party content) that the agent would read and could carry indirect prompt injection.