x-card

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's docs (reference/CATALOG.md "Remote Catalog Loading" and the API reference for loadCatalog/createSurface) show XCard can automatically fetch a remote catalog via a catalogId URL (e.g., https://...), meaning the runtime will ingest arbitrary public catalog JSON which is untrusted and used to drive rendering/validation and therefore can influence agent-driven UI behavior.