threejs-scene-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill loads and processes models and textures from arbitrary URLs (e.g., ModelLoader.loadGLTF(url), loadTexture(url)) and explicitly pulls user avatars from public Ready Player Me (https://models.readyplayer.me/{avatarId}.glb) and references sites like Sketchfab/Mixamo, so it ingests untrusted, user-generated third‑party content that the agent reads and interprets at runtime.