dataforseo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly exposes fetching and parsing of open web content (e.g., "Parse Page Content — Parse and extract structured content from any webpage", "On Page Raw HTML GET", "Google Organic SERP Live", and the proxy request example via membrane request CONNECTION_ID /path/to/endpoint), meaning the agent will ingest untrusted public webpages and search results that could contain instructions influencing its actions.