html-content-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly fetches and parses arbitrary public web pages (e.g., the extract_meta_generator example uses "curl -s {url}" and the Security Considerations state "Only fetch public pages"), so untrusted third-party HTML, comments, script URLs, and JSON-LD are ingested and can influence the skill's analysis and subsequent behavior.