simplescraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly integrates with Simplescraper, "a no-code web scraping tool that extracts data from websites," and documents Membrane proxy requests and action-run workflows (e.g., "membrane request CONNECTION_ID /path/to/endpoint" and "membrane action run ...") that fetch scraped public web content for the agent to consume and act on, exposing it to untrusted third-party content.