article-extractor

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The docs URL (docs.astral.sh) is normal documentation, but the direct installer (https://astral.sh/uv/install.sh) is a raw shell script (curl|sh style) which—while likely from the project—constitutes a higher-risk download that should be inspected and verified (checksums/signatures, trusted package sources) before execution.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and parses arbitrary public web pages (user-provided URLs) using reader/trafilatura/tapestry-extract-html to extract article text—i.e., untrusted third-party blog/news content that the agent reads and interprets, allowing indirect prompt injection.