glmv-pdf-to-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill explicitly accepts an HTTP/HTTPS URL as input and instructs (Phase 1) to download the PDF with curl, then (Phase 2) to "Read All Pages in Order" and extract links/metadata, and (Phase 4) to launch subagents that use the Read/Agent tools to view and ground crops from those page images—so untrusted, user-provided web content is fetched and directly read/interpreted as part of the required workflow.