slidev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and workflow explicitly describe embedding and automatically fetching remote/untrusted content—e.g., iframe URLs in references/core-frontmatter.md, automatic caching of remote images in references/build-remote-assets.md, embedding tweets in references/core-components.md, and using external PlantUML servers in references/diagram-plantuml.md—so the agent/tool will ingest and render third‑party user-generated pages/assets that could contain instructions affecting behavior.