markitdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). MarkItDown explicitly fetches and converts arbitrary web pages and YouTube transcripts (see references/web_content.md: "HTML from URLs", "YouTube Transcripts" and the web scraping pipeline) and the batch_convert examples show downloading and processing open web content, so the agent will ingest untrusted, third‑party user-generated content for interpretation.