zlib-download

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill contacts public, untrusted book repositories — Z-Library via scripts/Zlibrary.py (talking to 1lib.sk) and Anna's Archive via the annas-mcp subprocess — and book.py directly parses those third‑party responses (search results, download links/IDs) and uses them to decide which items to download, so external content can materially influence tool actions.