cloud-convert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports importing files from arbitrary URLs (see "Input — File, URL" and the "Import File from URL" action in SKILL.md), which means the agent will fetch and process untrusted third-party web content as part of its runtime workflow and could be influenced by instructions embedded in that content.