vite-starter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required Step 3 ("社区模板") explicitly directs using community templates referenced on Awesome Vite and cloning arbitrary GitHub repos via npx tiged (<用户名/仓库名>), which fetches untrusted, user-generated third‑party content that will be installed/used and can materially affect commands or behavior.