ahrefs-python

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests public webpage content and AI-cited links (e.g., site_audit_page_content returns page_text/raw_html/rendered_html for arbitrary target_url in SKILL.md and the Brand Radar endpoints return 'response' and 'links' citing external pages), so the agent will read untrusted third-party web content that could materially influence actions.