scrapling-mcp

Warn

Audited by Snyk on Mar 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md and accompanying files (e.g., SKILL.md examples like "mcporter call scrapling fetch_page --url URL", references/mcp-setup.md tool descriptions, and scripts/scrapling_scrape.py and scrapling_smoke_test.py) explicitly fetch and parse arbitrary public URLs/HTML, meaning the agent will ingest untrusted third-party web content (public sites, user-generated pages) and use that content to drive parsing, spidering, and follow-up requests—so third-party page content can materially influence tool use and next actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 12:20 AM
Issues: 1