pdfco

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs using arbitrary public URLs as the url input (see "PDF to Text", "HTML to PDF -> From URL", and the upload/file-URL flows) so the agent will fetch and process untrusted third-party web content (PDFs or webpages) whose contents could include instructions that influence subsequent behavior.