web-scraping

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly defines scraper tools (mcp__scraper__scrape_url, mcp__scraper__scrape_url_html, mcp__scraper__scrape_url_text, mcp__scraper__scrape_extract_links) that fetch and ingest arbitrary public web pages/URLs and convert them to markdown/plain text for LLM consumption, so untrusted third-party content from those pages could influence the agent's decisions or actions.