skill-factory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's /meta-claude:skill:research command explicitly uses the Firecrawl API to perform automated web scraping of public or user-specified sources (arbitrary URLs/public websites) and then ingests and processes that research as part of the workflow, exposing the agent to untrusted, user-generated third‑party content and enabling indirect prompt injection.