helios-core

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md shows runtime fetching/ingestion of external resources (e.g., the Stability Registry example using helios.registerStabilityCheck(fetch('/data.json')...) and schema fields that accept model/json/shader URLs), indicating the agent can load and process arbitrary user-supplied third-party URLs which can influence rendering/behavior.