baoyu-url-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill fetches and renders arbitrary user-provided URLs (see scripts/main.ts: the CLI accepts and captureUrl launches Chrome and navigates to args.url, then evaluateScript/cleanupAndExtractScript in scripts/html-to-markdown.ts extracts and converts the page HTML), so it ingests untrusted public web content which the agent reads and processes.