chatbot-widget-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly captures arbitrary page text via useTextSelection/SelectionTooltip (see handleAskAI in ChatWidgetContainer/AnimatedChatWidget and the SelectionTooltip/useTextSelection hooks) and sends that untrusted selected text as contextual prompts to external chat endpoints (handleSendMessage → formatChatRequest → fetch to apiUrl), so third-party page content can directly influence subsequent agent requests and behavior.