web-archiving

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill directly fetches and ingests arbitrary public web content (e.g., capture_as_evidence uses requests.get(url), Wayback Machine/Archive.today/Memento API calls, and ArchiveBox add_url) so the agent will read untrusted third‑party/user-generated pages and could be exposed to indirect prompt injection.