identify-page-structure

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires scraped webpage outputs (cleaned.html and screenshot.png) from the scrape-webpage skill (see "Prerequisites" / "scraped webpage output" in SKILL.md), meaning it ingests arbitrary public web content that the agent must read and interpret to drive downstream authoring decisions, which exposes it to potential indirect prompt injection.