datasheet-interpreter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's scripts (scripts/extract_specs.py — notably process_url() and download_pdf()) download and parse PDFs from arbitrary user-provided or public URLs, causing the agent to ingest untrusted third-party content (external datasheet PDFs) as part of its workflow.