handlebars

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill automatically includes the third-party "handlebars-helpers" package (see the GitHub reference) which exposes code helpers such as {{ gist id }} and {{ jsfiddle id }} that embed public GitHub Gists/jsFiddle (user-generated, untrusted) into template rendering, so rendering templates with these helpers would fetch and interpret arbitrary external content.