content-harvest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and extracts article content from arbitrary public URLs (e.g., via reader "URL", trafilatura --URL "URL", and curl "URL") and then reads and previews that scraped content as part of its workflow, exposing the agent to untrusted third-party content that could carry injected instructions.