web-content-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches arbitrary public webpages (via curl -s "https://r.jina.ai/<TARGET_URL>" and fallback fetches) and ingests their untrusted web content and images as part of its required workflow in SKILL.md, so third‑party content could influence parsing, file downloads/renames, and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs a runtime fetch using curl on https://r.jina.ai/<TARGET_URL>, injecting the fetched Markdown into the agent's processing flow so remote content from https://r.jina.ai can directly influence prompts/behavior (prompt‑injection) and is required for the skill to operate.