mineru-extract

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill accepts arbitrary public URLs (scripts/mineru_parse_documents.py --file-sources and scripts/mineru_extract.py "source") which are fetched/parsed via the MinerU API and can emit the extracted Markdown inline (printed to stdout or included in the JSON), so the agent will read untrusted third‑party web content that could contain indirect prompt injections.