interaction-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Complex Animation route requires loading references/animation-libraries.md, which contains a navigateTo(url) example that does await fetch(url) and then "Update DOM", demonstrating the agent would fetch and ingest arbitrary external URLs (untrusted third‑party content) that could materially influence behavior.