tuzi-url-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill (SKILL.md and scripts/main.ts) explicitly accepts arbitrary URLs and uses Chrome CDP (scripts/cdp.ts) to fetch and render public webpages, then parses that HTML (scripts/html-to-markdown.ts) and follows links to download media (scripts/media-localizer.ts), so it ingests untrusted, user-provided web content that can materially influence subsequent actions (file naming, media downloads, re-running captures).