article-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly downloads and extracts article content from arbitrary public URLs (e.g., the ARTICLE_URL reader/trafilatura/curl workflows and example commands) meaning it ingests untrusted, user-generated web content and the extracted text is used/displayed and can drive downstream actions (e.g., naming files, previews, and optional "create a Ship-Learn-Next plan"), so third-party content could indirectly influence agent behavior.