zero-build-frontend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses a publicly published Google Sheets CSV (SHEET_URL: "https://docs.google.com/spreadsheets/...&output=csv") via loadFromSheets() / DataManager.refresh(), ingesting arbitrary user-generated rows into the app state and UI, which exposes the agent to untrusted third‑party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill loads and executes remote JavaScript at runtime (e.g., the importmap entries from https://esm.sh/react@18.2.0 and https://esm.sh/htm@3.1.1, the Tailwind runtime script https://cdn.tailwindcss.com, and runtime scripts from https://unpkg.com/leaflet@1.9.4 and markercluster) which are required dependencies and therefore fetch and execute remote code in the app context.