htmx-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to invoke the dev-guides-navigator plugin (via /dev-guides-navigator) for "deeper Drupal context" and also references external dev-guides URLs (e.g., https://camoa.github.io/dev-guides/...), meaning the agent will fetch and interpret public third-party documentation as part of its workflow, which could enable indirect prompt injection.