astro-developer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes code that fetches and renders arbitrary external content (e.g., the DataFetcher component in references/component-patterns.md which does fetch(url) and calls render(data), and remote image examples/remotePatterns referencing images.unsplash.com), so it clearly ingests untrusted public third‑party content.