pglite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Electric sync workflow (references/electric-sync.md: syncShapeToTable / syncShapesToTables using shape.url like https://my-electric-server.com/v1/shape) fetches arbitrary external server-provided shapes/rows into the local DB and those synced records drive live queries/callbacks, meaning untrusted third‑party content can be ingested and materially influence the agent's behavior.