supabase-storage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly lists, downloads, and generates public/signed URLs for files stored in Supabase storage buckets (e.g., public buckets and user-uploaded objects accessed via /storage/v1/object and /storage/v1/object/public/...), which can contain untrusted, user-generated content that the agent may read or process.