matrixscan-batch-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to fetch and verify APIs from external public documentation and sample repositories (e.g., docs.scandit.com pages and GitHub sample links) and to "fetch the relevant documentation page before responding," which means the agent will browse and interpret untrusted third‑party web content as part of its workflow.