nuxt

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's documentation shows Nuxt can ingest external, public repositories and packages (e.g., "extends: ['github:username/repo', 'gitlab:username/repo']" in references/advanced-layers.md and installing modules from npm/Git in core-modules), which are untrusted user-controlled third‑party sources that the agent would pull in and incorporate at build/runtime.