apify

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly exposes actions that fetch Apify dataset and key-value store records (e.g., "get-dataset-items", "get-key-value-store-record" and listed Actor/Task results) which are sourced from Apify's web-scraped public websites and thus allow the agent to read untrusted third-party content that could influence subsequent actions.