wp-playground

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and runs blueprints from remote/public URLs (see "3) Run a Blueprint" which supports --blueprint= and "7) Browser-only workflows" with ?blueprint-url=), meaning it fetches and interprets untrusted third-party content that can control subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill invokes "npx @wp-playground/cli@latest" at runtime (i.e., fetching and running the @wp-playground/cli package from the npm registry), which will download and execute remote code as a required runtime dependency, so this is a runtime external dependency that can execute remote code.