pdfco

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and processes arbitrary/public URLs as input (see multiple examples using the "url" field such as "HTML to PDF (From URL)", "Async Mode" with "url": "https://example.com/large-file.pdf", and PDF-to-text/CSV/invoice parser calls), meaning it fetches and ingests third‑party/untrusted web content that the agent will read and act on.