zlib-download-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly queries public, untrusted book archives (Z-Library via scripts/Zlibrary.py which calls 1lib.sk EAPI endpoints and Anna's Archive via the annas-mcp subprocess) and parses their search results/metadata (used to present choices and to drive downloads), so third-party content is ingested at runtime and can materially change subsequent tool actions (search → pick → download) as shown in SKILL.md and the scripts.