tanstack-db

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation (notably references/electricsql-integration.md and setup.md) shows configuring shapeOptions.url (e.g., https://api.electric-sql.cloud/v1/shape and /api/... endpoints) and using fetch()/shape streams to ingest JSON/row data and txid responses that the agent reads and relies on to control optimistic state and persistence handlers, which are untrusted/third-party user-generated sources that can materially influence subsequent actions.