manus

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill creates Manus tasks and explicitly polls the Manus API for task outputs (SKILL.md "Get Task Status & Output" / "Extracting Output Files") and the included scripts/manus.sh download files from fileUrl returned by the third‑party Manus service (and Manus agents may browse public web), so the agent will ingest untrusted, third‑party content that could contain instructions affecting subsequent behavior.