vitepress

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill includes build-time fetches and content injection from arbitrary remote APIs/CMS (see references/features-data-loading.md showing fetch('https://api.example.com/data') and references/features-dynamic-routes.md showing fetch('https://cms.example.com/posts') with content inserted via paths loaders), so untrusted public/user-generated content can be ingested and rendered for the agent to read, enabling indirect prompt injection.