crawlbase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly includes actions like "Crawl URL" and "Get Stored Result" and a "Proxy requests" flow (see the "Popular actions" and "Proxy requests" sections) that retrieve HTML from arbitrary third‑party websites, so the agent will ingest untrusted web content that could contain embedded instructions.