electron-app-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and examples explicitly load external web pages and execute page JavaScript (e.g., performance section: view1.webContents.loadURL('https://example.com') / view2.webContents.loadURL('https://another.com') and window-management: windows.preview.webContents.executeJavaScript('getSharedData()')), which shows the runtime app will fetch and read content from public third‑party sites that could influence app behavior.