web-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly directs the agent to fetch and analyze arbitrary public web pages via analyze_page({ url: "https://example.com" }) (through Crawlio's ControlServer) and then normalize and act on the returned enrichment data (e.g., create_finding), so untrusted third-party content can directly influence analysis and subsequent actions.