scrapfly-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly receives and parses Scrapfly webhook POSTs (see SKILL.md and examples/express/src/index.js) that contain scraped page HTML, URLs, and crawler events (payload.result.content, payload.result.url, payload.event), and those parsed payloads are routed and suggested to be persisted or enqueued for downstream processing, so untrusted third-party content from the web can materially influence subsequent actions.