scraper-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent (Phase 3 "Fetch the page HTML" and related sections) to fetch and analyze raw HTML/JSON from arbitrary public target URLs via the Web Unlocker, Dataset List API, and Browser API, meaning it ingests untrusted third-party web content that can influence scraper decisions and actions.