markitdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and converts arbitrary web content and user-generated sources—e.g., md.convert("https://...") and requests.get-based web scraping and YouTube transcript examples in references/web_content.md and SKILL.md—so untrusted third-party content is ingested and can influence LLM-driven processing and downstream actions.