web-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests content from arbitrary public URLs (via r.jina.ai and defuddle.md proxies and direct HTTP/browser fetch flows described in SKILL.md and implemented in scripts/fetch_generic_fallback.mjs and scripts/fetch_special_sites.mjs using cuimp/puppeteer), so untrusted, user-generated third‑party pages can be read and influence agent outputs and actions.