langextract

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly accepts and fetches arbitrary public URLs (see SKILL.md "Long-document extraction (URL input, multi-pass, parallel)" and the text_or_documents parameter in section 8) and the CLI script scripts/extract.py provides a --url option, so the agent will retrieve and interpret untrusted third-party web content that can influence extraction/tool behavior.