tauri

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The documentation explicitly describes loading external URLs into WebViews and allowing remote origins and HTTP endpoints (see references/develop-windows.md "url: Path or URL the webview loads" and references/security-capabilities.md "Remote API Access") and also documents plugins that fetch public endpoints (http, updater), so the skill covers runtime behavior that can ingest untrusted, user-provided web content which could enable indirect prompt injection.