web-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests arbitrary public web pages (see Stage 2: fetch_static, fetch_with_playwright, and extract_page_content in SKILL.md) and then uses the extracted text to drive pipeline decisions and to feed an LLM for entity extraction (Stage 5), so untrusted third‑party content can materially influence tool use and next actions.