scrapling-official

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and renders arbitrary public web pages as part of normal operation (see SKILL.md and CLI examples like scrapling extract get "https://example.com" and the MCP tools get/fetch/stealthy_fetch in references/mcp-server.md which accept arbitrary url/urls), so untrusted, user-generated third‑party content is ingested and returned for the agent to read and act on, which could materially influence subsequent tool use.