translate-polisher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly fetches arbitrary public URLs via curl to https://r.jina.ai/http:// and then mandates reading and using that fetched webpage Markdown as the source content (including spawning subagents and driving translation decisions), so untrusted third‑party page content could carry instructions that materially influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches user-supplied pages at runtime using "curl -L" via the r.jina.ai fetcher (https://r.jina.ai/http://), and the retrieved Markdown is injected into the agent's context to drive the translation prompts, so this runtime URL fetch directly controls agent input.