scraperapi-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's recipes and workflow (notably recipes/serp-news-monitor.md and SKILL.md) explicitly instruct the agent to fetch and scrape public web pages (e.g., https://www.google.com/search?q=... and https://news.google.com/search?q=...) and to start crawls from arbitrary startUrl via crawler_job_start (references/crawler.md), meaning the agent ingests untrusted, user-generated/open-web content and uses that content to drive extraction, tool escalation, crawling decisions, and subsequent actions.