html-to-pdf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill accepts arbitrary http/https URLs and navigates to them in scripts/html-to-pdf.js (page.goto(input.content)), reads/inspects the page content (page.content and document.body.innerText), and the README also requires the agent to read/verify the generated PDF, so untrusted public web content is fetched and interpreted as part of the workflow.