sveltia-cms
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill explicitly embeds Sveltia from a public CDN (e.g., in the admin/index.html templates) and configures Git backends (backend: name: github/gitlab/gitea with repo: owner/repo in admin/config.yml), meaning the CMS will fetch and render arbitrary user-generated repository content from third-party sources.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The admin pages load and execute remote JavaScript from the CDN URL https://unpkg.com/@sveltia/cms/dist/sveltia-cms.js at runtime (via a `<script>` tag), which causes remote code to be fetched and executed and is required for the CMS to function.
Audit Metadata