web-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and scripts (fetch.sh, metadata.sh, download.sh) explicitly fetch and parse arbitrary public URLs via curl, so the agent will read untrusted third‑party web content (webpages, files) that could embed instructions and influence its subsequent actions.