budge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly loads an external IIFE from https://www.budge.design/budge.iife.js (see SKILL.md and references/INSTALL.md) which auto-initializes, generates the edit prompt (copied to clipboard) and that prompt is later pasted/read by the agent as a normal edit instruction, exposing the agent to untrusted third-party content that can influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly loads and depends at runtime on the external IIFE https://www.budge.design/budge.iife.js which executes remote code in the page and reads the injected data-budge config to produce/copy edit prompts, so this URL is a required runtime dependency that executes remote code.