building-components

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Registry and Marketplaces instructions in SKILL.md (e.g., references/registry.mdx and references/marketplaces.mdx) explicitly show commands that fetch public, user-hosted component manifests (e.g., "npx shadcn@latest add https://21st.dev/... " and deploying JSON to a Vercel endpoint), meaning the workflow ingests arbitrary third‑party, user-provided content that could influence subsequent tool actions.