url-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and converts arbitrary public webpages via r.jina.ai (primary) and markdown.new (fallback) into Markdown for downstream agent reuse (see SKILL.md and scripts/url_to_md.py), so untrusted third-party content is ingested and can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). This skill performs runtime requests to https://r.jina.ai/ and https://markdown.new/ to fetch arbitrary webpage content as Markdown which is then saved for downstream agent reuse, meaning the fetched content can directly influence agent prompts (prompt-injection risk) even though it does not execute remote code.