scrapingdog

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly allows making proxy requests to ScrapingDog to fetch arbitrary web content (see the "Proxy requests" section in SKILL.md: "membrane request CONNECTION_ID /path/to/endpoint"), which lets the agent ingest untrusted public webpages and other user-generated content that could carry indirect prompt-injection instructions.