baoyu-url-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill launches Chrome and fetches arbitrary user-supplied URLs (scripts/main.ts launches Chrome with args.url and evaluates cleanupAndExtractScript, then html-to-markdown.ts converts the extracted HTML), so it ingests untrusted public web content that could contain indirect prompt injection.