MinerU Document Extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly exposes the agent to arbitrary HTTP/HTTPS web pages via the "mineru-open-api crawl " / "MinerU crawl accepts any HTTP/HTTPS URL and extracts web page content to Markdown" workflow, meaning untrusted third-party page content is fetched and presented for the agent to read and act on.