askyourpdf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation explicitly includes a "Download PDF from URL" action and document chat/summarize/search actions (in SKILL.md) that ingest arbitrary web-hosted PDFs via the Membrane connector, meaning untrusted third-party content can be fetched and directly influence agent behavior.