label-capture-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to fetch and verify live Scandit documentation and sample pages (e.g., https://docs.scandit.com/... and the GitHub sample) before responding—i.e., it requires loading public third-party web pages whose content the agent must read and use to choose APIs and generate code—creating a clear path for untrusted third-party content to influence actions.