web-scraping-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md explicitly instructs fetching and scraping open/public third‑party sites and APIs (e.g., workflow items like "爬取这个网站的产品信息" and code examples using requests.get(url) and Selenium driver.get(url)), so the agent will ingest untrusted web/user‑generated content that can influence subsequent tool use and decisions.