stitch-react

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly downloads Stitch screen HTML via the Stitch MCP htmlCode.downloadUrl in "Step 1: Stitch 스크린 가져오기" and then parses that (user-/project-generated) HTML to extract tokens and drive component generation, so untrusted third-party content is ingested and can materially change actions.