markdown-url

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This prompt instructs the agent to output the original URL verbatim (prefixed with https://markdown.new/) including scheme, path and query string, so any secrets embedded in a URL (API keys, tokens, cookies) would be reproduced in the agent's output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's rewrite rule (SKILL.md) and scripts/markdown-url.js send arbitrary external website URLs through https://markdown.new/, causing the agent to fetch and render open/public third‑party web content (user-generated or untrusted), which could carry indirect prompt injection.