supabase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to consult external documentation and web sources (MCP search_docs, "Fetch docs pages as markdown" via public supabase.com URLs, and "Web search" for Supabase topics), so the agent will fetch and interpret public third‑party web content as part of its workflow which can materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly directs the agent at runtime to fetch Supabase documentation pages as markdown (e.g., https://supabase.com/docs/*.md) to drive implementation and verification, so external content from https://supabase.com/docs can directly control the agent's prompts and is relied upon.