web-clipper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's clip.py explicitly fetches arbitrary public URLs via requests.get and FlareSolverr and extracts their article text (saving to ~/web-clips/), and the workflow (scripts/clip.py and scripts/ingest.py plus SKILL.md) shows those untrusted, user-provided web pages can be ingested into repo-search — so third-party page content is read and can influence downstream tool/search-driven actions.