refine-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required setup and runtime docs (SKILL.md and references/inferencer.md and references/data-providers.md) explicitly instruct the app to configure data providers and the Inferencer to fetch and analyze data from external API endpoints (e.g., dataProvider("https://api.example.com") and "Inferencer fetches data from your API"), meaning untrusted third-party responses are ingested and used to generate UI/code and drive behavior.