simplescraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly states this integration works with Simplescraper, "a no-code web scraping tool that extracts data from websites," and describes running Membrane actions that return scraped "output" (i.e., ingesting arbitrary public web content), which could contain untrusted instructions that influence agent decisions.