article-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly downloads and extracts content from arbitrary ARTICLE_URLs (see "Complete Workflow" and the extraction methods using reader/trafilatura or curl) and uses that untrusted webpage text as extracted content/preview and as potential input to follow-up actions (e.g., offering to create a Ship-Learn-Next plan), so third-party content could indirectly inject instructions.