scrapling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow shows the agent fetching and parsing arbitrary public URLs (e.g., SKILL.md and examples like Fetcher.get("https://example.com"), the CLI wrapper scripts run-extract.sh, and references/cli-and-mcp.md plus MCP tools exposing get/fetch/stealthy_fetch), which ingests untrusted third-party web content that can materially influence subsequent tool use and decisions.