heroui-native
Warn
Audited by Snyk on Apr 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's required workflow and scripts (scripts/get_component_docs.mjs, scripts/get_docs.mjs, scripts/list_components.mjs, scripts/get_theme.mjs and SKILL.md) explicitly fetch MDX/docs and lists from public endpoints (https://native-mcp-api.heroui.com and fallback https://heroui.com including https://heroui.com/docs/native/... and https://heroui.com/native/llms.txt), meaning the agent will ingest external public website content that can materially influence its actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).