document-conversion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests arbitrary HTTP/HTTPS URLs and remote files (modules/uri-construction.md and modules/fallback-tiers.md describe using WebFetch and passing URLs like https://example.com/... or arXiv links, and Tier 2/Read fetches remote PDFs), so untrusted third‑party content is read and converted into markdown for downstream processing, which can influence agent decisions despite a sanitization step.