localhero

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill dynamically loads glossary, settings and translation files from the third‑party Localhero.ai service (e.g., via commands like "npx @localheroai/cli glossary", "pull", "clone" and the note "Glossary terms and settings are loaded dynamically when the skill activates"), which imports external project/user-provided content that the agent will read and could contain untrusted/user-generated text.