design-deck

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs the agent to "proactively browse real examples" and fetch public component.gallery pages (e.g., https://component.gallery/components/tabs/) and to "use the URLs to reference actual documentation when generating options," which requires ingesting untrusted third‑party web content that can influence generation and decision-making.