mobile-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's examples (e.g., "Infinite Scroll Feed" which calls fetchPosts(page), "Pull-to-Refresh Feed" with onRefresh, and "Mobile Search"/autocomplete using fetchSearchResults/getSuggestions, plus image src attributes for posts/products) explicitly fetch and display external/user-generated content from public APIs or URLs, so it clearly ingests untrusted third-party content as part of its runtime workflow.