content-parser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly asks for a user-provided HTTP(S) URL (SKILL.md "Step 1: URL Input") and its supported-platforms.md lists public sources like general web pages, Twitter/X profiles, YouTube, WeChat, PDFs, and other user-generated content that the agent fetches, extracts, reads, and can pass to downstream skills, so untrusted third‑party content can directly influence subsequent actions.