crawl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly sends arbitrary user-provided root URLs to the public crawl API (POST https://api.inspiro.top/crawl with the "url" field) and returns raw page content/chunks intended to be fed into an LLM context (see "For agentic use (feeding results into context)" and examples in SKILL.md), so it ingests untrusted third‑party web content that can influence agent decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). At runtime the script calls https://api.inspiro.top/crawl (and /map) to fetch arbitrary site pages and the docs explicitly recommend returning “relevant chunks” to feed into LLM context using the instructions/chunks_per_source workflow, so remote content returned by that API can directly control prompts.