scrapin-io

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs using Scrapin.io via Membrane actions (e.g., "Get Post Comments", "Get LinkedIn Profile" and creating/running actions that scrape websites) so the agent will ingest public, user-generated web/social content returned by those actions, which could contain untrusted instructions that influence subsequent behavior.