thatopen-errors-loading

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's required workflow explicitly fetches and loads third-party WASM and IFC files (e.g., SKILL.md E-03, E-11 and references/examples.md's safeLoadIfc and CDN/worker examples), and instructs the agent to initialize and execute those binaries/scripts (ifcLoader.setup/load and fragmentsManager.init), so untrusted public content could materially alter runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill clearly calls fragmentsManager.init() with a remote worker URL (e.g., "https://unpkg.com/@thatopen/fragments@3.3.6/dist/worker.mjs"), which is fetched at runtime and executes remote JavaScript as a required dependency, so it constitutes a high-risk runtime external code dependency.