Parser

Warn

Audited by Snyk on Mar 5, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and scrapes open/public third-party URLs: Workflows/BatchEntityExtractionGemini3.md and Workflows/ExtractArticle.md use curl, WebFetch, Bright Data, and YouTube/Twitter/Substack scraping. That untrusted, user-generated web content is passed into Gemini extraction prompts (prompts/entity-extraction.md, link-analysis.md, etc.), whose outputs directly drive parsing, GUID assignment, collision detection, and downstream decisions, so external page content can materially influence agent behavior.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 5, 2026, 07:39 AM