stitch-design-md

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to use web_fetch/read_url_content to download and parse htmlCode.downloadUrl (and screenshot.downloadUrl) from Stitch project assets, meaning it will ingest and interpret untrusted, user-provided HTML/images as part of its analysis and synthesis workflow (검색 및 네트워킹 step 5), which could contain instructions that materially influence subsequent actions.