mf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses external public webpages and resources as part of its required workflow (reference/docs.md fetches https://module-federation.io/llms.txt and then specific docs pages; scripts/module-info.js fetches mf-manifest.json/types from remoteEntry URLs; and scripts/browser-capture.mjs navigates to arbitrary user-supplied URLs), and those fetched, untrusted third‑party contents are read and used to determine next actions and diagnostics.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's "docs" sub-skill explicitly fetches runtime content from https://module-federation.io/llms.txt (and then pages under https://module-federation.io/) and uses the fetched pages to directly drive the agent's answers, so this external URL controls prompts at runtime.