skill-extract

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly includes a "URL Extraction" usage example ("/octo:extract https://example.com ..."), references DOM/Computed Styles analysis in the Token Extraction Pipeline, and an ERR-002 "Network timeout (URL extraction)" error, indicating the skill fetches and interprets arbitrary public webpages whose untrusted content could influence extraction decisions and downstream actions.