jina

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests arbitrary public web content (Reader: https://r.jina.ai/{url}, Search: https://s.jina.ai/{query}, DeepSearch: https://deepsearch.jina.ai/...) as described in SKILL.md and the scripts, and that untrusted third‑party content is read and used to drive multi‑step research and agent reasoning, so page-provided instructions could materially influence tool behavior.