webscraperio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md) instructs the agent to use Membrane actions and the "membrane request" proxy to fetch WebScraper.IO data and API endpoints—which return scraped content from arbitrary public websites—so the agent would ingest and act on untrusted third-party web content (e.g., scraper results) as part of its normal operations.