vercel-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's chat components and API clearly ingest and render user-provided messages (app/ui Chat component mapping messages and app/api/chat/route.ts reading { messages } from request.json and passing them to the model), which are untrusted user-generated content the agent will read/interpret and thus could carry indirect prompt injections.