page-cro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs the agent to "read the page source" when a user provides a URL, meaning it fetches and ingests arbitrary public web pages (untrusted third-party content) for interpretation.