web-content-extraction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires the agent to accept user-provided URLs and fetch public web content (e.g., "User provides a URL" and the Page discovery / Platform detection sections showing curl, r.jina.ai, and Crawl4AI crawling/sitemap use), which the agent ingests and uses to guide extraction and crawling decisions, so untrusted third‑party pages could indirectly inject instructions.