website-to-hyperframes

Warn

Audited by Snyk on Apr 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's required workflow (SKILL.md Step 1 and references/step-1-capture.md) explicitly instructs the agent to run "npx hyperframes capture " on arbitrary websites and then read captured artifacts (scroll screenshots, capture/extracted/visible-text.txt, tokens.json, asset-descriptions.md), i.e. untrusted public third-party content that the agent must interpret and which directly drives design, scripting, and composition decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs a runtime capture of a user-supplied website via "npx hyperframes capture " (example: https://stripe.com) and then ingests the extracted files (visible-text.txt, tokens.json, shaders.json, asset descriptions) to drive prompts, DESIGN.md/SCRIPT.md/STORYBOARD generation — meaning arbitrary external site content is fetched at runtime and directly controls the agent's instructions.

Audit Metadata

Risk Level: MEDIUM

Analyzed: Apr 21, 2026, 08:41 AM

Issues: 2