microlink-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and scrapes arbitrary public URLs (see SKILL.md and api-reference.md's required "url" parameter and examples in common-workflows like scraping.md and page-text.md, e.g., news.ycombinator.com) and instructs the agent to extract/interpret HTML/text/markdown/JS-evaluated content from untrusted web pages, which could carry instructions that materially influence subsequent actions.