markitdown-converter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and converts user-provided files in the "Integration with Telegram File Drop" workflow (and also supports HTML and YouTube URLs), so untrusted third-party content is ingested and stored as agent memory and could contain embedded instructions that influence agent actions.