decodo-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill (see SKILL.md and tools/scrape.py) calls Decodo's Web Scraping API to fetch arbitrary public URLs and sources (google_search, universal scrape, reddit_post/subreddit, youtube_subtitles, amazon) that return untrusted, user-generated web content which the agent ingests and can materially influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill makes runtime requests to the Decodo scraping API (https://scraper-api.decodo.com/v2/scrape) to fetch arbitrary scraped pages/Markdown/JSON which are returned into the agent's context and thus can directly influence agent prompts and behavior.