defuddle

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs using Defuddle to parse user-provided web page URLs (e.g., "defuddle parse --md"), meaning the agent fetches and ingests arbitrary public web content (articles/blogs) that could contain untrusted instructions and enable indirect prompt injection.