link-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and scrapes arbitrary HTTP/HTTPS URLs (see fetch/extract in index.js and scrape.js) and SKILL.md instructs the agent to use it to read and summarize user-shared web pages, so untrusted third-party page content can directly influence the agent's summaries and subsequent actions.