web-scraping

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). Although example.com is a placeholder, the presence of direct .zip download links on an untrusted/unknown domain (and instructions to fetch/execute files) matches common malware distribution patterns, so these URLs should be treated as suspicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md contains concrete fetch-and-parse workflows (curl commands and Python scripts that read and parse page.html, follow pagination, and extract links/JSON-LD) which fetch and ingest arbitrary public web pages, exposing the agent to untrusted third-party content that could contain instructions influencing subsequent actions (e.g., following links or pagination).