nutrient-document-processing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and server-fetches arbitrary remote URLs (see references/generation-and-conversion.md "Remote URL generation or conversion" and multiple scripts whose --input/--inputs help text says "Path or URL"), and those fetched, untrusted third‑party HTML/documents can be extracted (e.g., scripts/extract-text.py, extract-table.py) and returned/used by the workflow, allowing content from the open web to influence subsequent processing or agent decisions.