astro-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Content Layer documentation and examples (references/content-collections.md and SKILL.md) include custom loaders that fetch external APIs (e.g., apiLoader calling https://api.example.com/products) and mention CMS loaders like Notion, and those fetched entries are parsed and rendered via getCollection/getEntry/post.render()/ — demonstrating ingestion and interpretation of third-party/user-generated content into the runtime workflow.