dumplingai-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow (SKILL.md and references/catalog-domains.md) explicitly instructs using dumplingai catalog search/run for scraping and transcripts (e.g., "scrape page", "youtube transcript", "google search") which fetch and ingest open/public web content that the agent is expected to read and act on (and even rules/safety.md acknowledges fetched content is untrusted), so third-party content could indirectly inject instructions.