extruct-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and reference docs explicitly run Extruct "research_pro" agents, Deep Search, and read "deep-search results" and "tables data" (e.g., the "Recent News" column that returns headlines and URLs) — these flows ingest public web/social content via the Extruct service and the skill then reads and uses those results to decide follow-up actions (move domains into tables, add/run columns, scoring), which could allow untrusted third-party content to indirectly inject instructions.