raycast-extensions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes examples that fetch and render open/public third-party content (e.g., useFetch("https://jsonplaceholder.typicode.com/posts") and related comments in examples/data-fetching.tsx, images from https://picsum.photos and https://assets.pokemon.com in examples/grid-with-images.tsx and detail-with-metadata.tsx), which are untrusted/user-generated sources that the extension reads and displays as part of its workflow.