atomemo-plugin-development

Warn

Audited by Snyk on Apr 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's reference docs (e.g., "Complete Tool Example — Firecrawl Scrape" in references/declarative-parameters-examples.md and the resource_mapping/resource_locator examples in references/declarative-parameters-resource-mapper.md and -resource-locator.md) show tool invoke() implementations that fetch/scrape arbitrary public URLs and call third‑party APIs (e.g., api.firecrawl.dev, apiClient.listWorkspaces/getSchema), meaning untrusted, user-provided web content is ingested and used to drive tool logic and mappings.

Issues (1)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 17, 2026, 03:47 AM
Issues: 1