web_scraping

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and parses arbitrary public web pages (see SKILL.md "Scrape data from websites" and the code tools fetch.sh {url} and scraper.py scrape_url), so the agent is expected to ingest untrusted, user-generated/open-web content that could contain instructions influencing its actions.