apify

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to run Apify Actors to scrape open/public websites and social media (e.g., "Web Scraping", "Social Media Scraping", "Run Actor" and examples like instagram-scraper, twitter-scraper), meaning the agent will fetch and read untrusted third-party/user-generated content as part of its workflow, which could allow indirect prompt injection.