slidev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's docs explicitly show runtime embedding/fetching of arbitrary third‑party content — e.g., iframe URLs in references/core-frontmatter.md, automatic caching of remote images in references/build-remote-assets.md, and social embeds like in references/core-components.md — so the agent will ingest/display untrusted web/social content during execution and could be indirectly influenced.