design-archivist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the SKILL.md Core Process ("Identify seed URLs or search queries", "Begin systematic crawl", "Capture visual snapshot", "Extract Visual DNA") and references/domain_guides.md explicitly instruct fetching and analyzing public, user‑generated sources (e.g., Dribbble, Behance, Awwwards, Product Hunt, Shadertoy), so the agent ingests untrusted third‑party web content that directly drives analysis and follow‑on decisions.