apify

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This SKILL.md explicitly instructs the agent to run Apify Actors with arbitrary public startUrls (examples include news.ycombinator.com, Instagram, Amazon, Google results) and to fetch results via the /datasets/{datasetId}/items and related APIs, so the agent ingests untrusted, user-generated third‑party web and social-media content that could carry indirect prompt-injection instructions.