mineru-pdf-converter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary remote file URLs (see "Convert from URL" in SKILL.md and the --url handling in scripts/mineru_convert.py which calls submit_task/ download_result for external URLs), so it fetches and converts untrusted third‑party documents into Markdown that the agent will read and could contain instructions that influence subsequent behavior.