web-fetch
Warn
Audited by Snyk on Mar 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to fetch and ingest arbitrary public web pages (e.g., "Fetch Article Content" using Jina AI Reader via curl "https://r.jina.ai/https://" and the WebFetch option) and then to parse those pages: extract image URLs, download assets, and update or act on the content. This exposes the agent to untrusted third-party or user-generated content that can influence automated downloads and subsequent actions.
Audit Metadata