scraperapi-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md (and recipes/serp-news-monitor.md and references/* docs) explicitly instruct the agent to call ScraperAPI tools (e.g., scrape, google_search, google_news, amazon_search, walmart_reviews, ebay_search, redfin_* and crawler_job_start with arbitrary startUrl) to fetch and ingest content from public websites (Google, Amazon, Walmart, eBay, Redfin, etc.), so the agent will read untrusted third‑party pages whose text could materially influence subsequent tool use and actions.