python-executor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill executes arbitrary Python code and explicitly documents web-scraping and HTTP usage in SKILL.md (e.g., the "Web Scraping" example using requests + BeautifulSoup to fetch "https://example.com" and listed libraries like selenium/playwright), meaning it can fetch and ingest untrusted public web content that could influence execution or subsequent actions.