vitepress-skilld

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's docs explicitly describe fetching and ingesting remote CMS and web data (see references/docs/en/guide/cms.md which shows using fetch('https://my-cms-api') and references/docs/en/guide/data-loading.md which allows data loaders to fetch remote data and include rendered HTML/frontmatter), and that content is imported and used at build/runtime to generate pages and influence routing/layout, so untrusted third‑party content would be read and could materially affect rendering/behavior.