website-to-hyperframes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs the agent to run "npx hyperframes capture " and to read extracted files (e.g., extracted/visible-text.txt, asset-descriptions.md, screenshots) from arbitrary user-provided/public websites (references/step-1-capture.md and SKILL.md), meaning untrusted third-party content is fetched and directly read and used to drive scripts, storyboards, and build decisions.