fetch-webpage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's main workflow (SKILL.md and scripts/fetch.mjs) fetches arbitrary public webpages via the markdown proxy providers listed in scripts/fetch.mjs (MARKDOWN_PROVIDERS) and returns the converted Markdown for the caller to read, exposing the agent to untrusted third‑party content that could contain executable instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). At runtime the script fetches converted page content from external markdown proxy providers (https://pure.md/, https://defuddle.md/, https://markdown.new/, https://r.jina.ai/), and that fetched content is returned for use by the agent—so remote content from those URLs can directly control prompts and the skill depends on them to operate.