apify-actor-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — SKILL.md (Quick start workflow and the Input schema's "startUrls") plus guidance to use CheerioCrawler/PlaywrightCrawler explicitly require fetching and ingesting arbitrary public websites (untrusted third‑party content) that the Actor is expected to read/interpret as part of its workflow and which can influence routing/processing behavior, enabling indirect prompt injection risk.