rust-wasm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes an async fetch_data(url: &str) function (Async/Await in WASM section of SKILL.md) that uses window.fetch to load JSON from arbitrary URLs, so it clearly ingests untrusted, user-supplied third‑party web content that the agent would read/interpret.