slidev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill documents runtime features that fetch and render arbitrary third‑party content — e.g., embedding arbitrary URLs via the iframe layout (references/core-layouts.md / core-frontmatter.md), embedding social media (Tweet, Youtube) in components (references/core-components.md), and automatically bundling remote images/assets (references/build-remote-assets.md) — which clearly causes the agent/runtime to ingest untrusted public web/user-generated content as part of normal workflow.