slidev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports embedding and fetching arbitrary third‑party content — e.g., iframe layouts with a frontmatter "url" (references/core-frontmatter.md), remote-assets caching for external images (references/build-remote-assets.md), configurable PlantUML server (references/diagram-plantuml.md), and social/media embeds like and (references/core-components.md) — so the agent can be required to read/interpret untrusted web/user-generated content as part of its workflow.