ahrefs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to call Ahrefs API endpoints (e.g., /v3/site-explorer/all-backlinks and related backlink/anchor fields) to fetch and interpret backlink data (url_from, anchor, etc.) that originate from arbitrary public websites, so untrusted third-party content could influence decisions or actions.