sd-download

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill autonomously navigates and scrapes ScienceDirect article pages (see "Step 1: Navigate to article page and extract PDF link" in SKILL.md) and reads page DOM/title/contentType to decide actions (click Cloudflare widgets, trigger downloads), so it consumes untrusted third‑party web content that can influence tool behavior.