opengraphio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to connect to OpenGraph.io (via Membrane) to fetch and parse Open Graph metadata from arbitrary public URLs/web pages (see "OpenGraph.io Overview" and the connection/action examples), meaning the agent ingests untrusted third‑party web content that could influence subsequent actions.