extracting-mistral-ocr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts public URLs as input (SKILL.md "Public URL: OCR directly via document_url" and prepare_source in scripts/mistral_ocr_extract.py which sets document_url/image_url), so it fetches and ingests untrusted third-party web content and returns/annotates that text (including document-level annotations) which could materially influence downstream extraction and actions.