cline-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's ClineCore runtime explicitly exposes a built-in "fetch_web" HTTP/web-fetch tool (references/clinecore/REFERENCE.md and references/tools/REFERENCE.md) and documents enabling built-in tools via enableTools so the agent will fetch and read arbitrary public web content during runs, which could let untrusted third-party pages influence its tool use and subsequent actions.