init-react-frontend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs the agent to query the public npm registry for package versions (e.g., "npm view react version") and to install a third‑party skill via npx ("npx skills add ... frontend-codegen"), meaning it fetches and consumes untrusted, user-published content from the open web that directly influences generated package.json, installed tooling, and subsequent agent behavior.