components-build

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Registry and Marketplaces sections (e.g., rules/registry.md, rules/marketplaces.md and README examples) explicitly show agent workflows that download and install component JSON from arbitrary public URLs and marketplaces (e.g., "npx shadcn@latest add https://your-project.vercel.app/metric-card.json" and https://21st.dev/...), meaning the agent would ingest untrusted, user-published third‑party content as part of its workflow.