scraping-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflows explicitly instruct fetching and parsing arbitrary public web content (e.g., academic-web-scraping's scrape_conference_proceedings uses requests.get(url), easy-spider-guide directs "Open target page" and extract full post_content, google-scholar-scraper uses scholarly.search_pubs to read Google Scholar pages, and repository-harvesting-guide harvest_records pulls from OAI‑PMH endpoints), so the agent is expected to ingest untrusted third-party/web content that can influence subsequent actions.