astro-framework

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill contains explicit examples that fetch and render external, user-controlled content—e.g., references/components.md and references/ssr-adapters.md show fetch('https://api.example.com/...') and references/content-collections.md shows custom loaders that fetch from external APIs, plus remote images/domains like images.unsplash.com in references/images.md—so the agent would ingest and render untrusted third-party content as part of its workflow.