defuddle

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs using "defuddle parse --md" to fetch and extract content from arbitrary public web pages (articles, blogs, documentation), so the agent will ingest untrusted third‑party web content that could influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill runs defuddle at runtime (defuddle parse ) to fetch arbitrary external web pages (the user-supplied ), and that fetched content is extracted and injected as markdown into the agent context so it can directly influence prompts/instructions.