scrapfly-crawler

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill (SKILL.md) instructs the agent to crawl and ingest open/public websites via CrawlerConfig.url and APIs like Crawl.read, read_batch, crawl.warc(), and read_iter (including follow_external_links), meaning it fetches untrusted, user-generated third‑party content that the agent is expected to read and process (e.g., building llms-full.txt), which could allow indirect prompt injection.