web-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches arbitrary public webpages provided via the url/urls parameters using AsyncWebCrawler/Crawl4AI (see SKILL.md examples and main.py fetch_url/fetch_batch), returning scraped Markdown that the agent is expected to read—thus exposing untrusted, user‑generated third‑party content that could carry instructions and influence downstream agent behavior.