idea-stitch

Warn

Audited by Snyk on Feb 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill programmatically downloads and ingests arbitrary external resources (screenshot_url / code_url) via hooks/scripts/common/downloader.py and the /prd-ui-generate flow (see references/phase-4-stitch-generate.md, which calls downloader.py from-screens/from-file), then writes the downloaded HTML/images into docs during Phase 4/5 and later reads them back, exposing the agent to untrusted third-party content that could carry indirect prompt injections.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 12, 2026, 11:27 PM