markitdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly lists ingesting HTML and "YouTube URLs" (public, user-generated web content) in Supported Formats and also allows third‑party plugins (--use-plugins), so the agent would read untrusted web content as part of its conversion workflow and that content could influence downstream LLM actions.