llms-txt-crawler

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The crawler (scripts/crawl.js) fetches a public llms.txt from the provided --url (it constructs llms.txt via new URL('/llms.txt', baseUrl)) and then downloads and parses every linked page URL from the open web (using fetchWithRetry and parseLlmsTxt), so it ingests arbitrary untrusted third‑party content for the agent to read and use.