cloud-convert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). Yes — the skill explicitly supports importing files from arbitrary URLs (see "Input — File, URL" and the "Import File from URL" action in SKILL.md), so it ingests untrusted third-party content that could contain instructions influencing subsequent actions.