felo-web-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly accepts arbitrary webpage URLs (see SKILL.md required --url and scripts/run_web_fetch.mjs which builds a payload.url and POSTs to https://openapi.felo.ai/v2/web/extract) and returns/exposes the fetched page content for the agent to read and act on, so untrusted public web content could indirectly inject instructions.