roblox-game-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes runtime asset-loading code that explicitly calls InsertService:LoadAsset / ContentProvider:PreloadAsync to fetch user-generated Roblox catalog assets (see AssetLoader:LoadModel, BatchLoadModels and PreloadAsync in resources/asset_library.md), and also links to public community resources (devforum, Discord), so it clearly ingests untrusted third-party content as part of its workflow.