web-crawler

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and parse untrusted public content—YouTube metadata/transcripts via SerpApi (search.json engine=youtube_video_transcript) and arbitrary web pages via Firecrawl (POST https://api.firecrawl.dev/v2/scrape)—and requires the agent to read and act on that content (summarize, extract, and base decisions on it), which could carry indirect prompt-injection risk.