crawl4ai-seo

Warn

Audited by Snyk on Mar 25, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests arbitrary public web content (seed_urls.py fetches robots.txt/sitemap.xml and crawl_batch.py runs crawl4ai on URLs supplied via launch params or discovered seed), then parses page HTML in normalize_page / extract_html_signals / extract_navigation_signals and uses those extracted signals to build reports and drive follow-up actions, so untrusted third‑party content can materially influence tool behavior.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 25, 2026, 08:30 AM
Issues: 1