integration

Warn

Audited by Snyk on Mar 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly describes reading and acting on arbitrary commands embedded in third-party webpages and markdown (e.g., HTML data-terminal-command in references/html-integration.md, tabz: links in references/markdown-links.md, and external JS that sends user-provided prompts/commands to the local WebSocket or POST /api/spawn in references/javascript-api.md and references/spawn-api.md), meaning untrusted web content can be ingested and drive queued/spawned terminal commands.

Issues (1)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 29, 2026, 02:15 AM
Issues: 1