crawl-websites-at-scale

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to crawl and scrape arbitrary public websites (e.g., the spider classes using start_url/start_urls and parse that follows links and extracts fields, plus the "Agent prompt" that tells the agent to confirm target URLs and follow pagination), which means it will fetch and interpret untrusted third-party web content as part of its workflow.