v0-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The included script scripts/fetch-v0.mjs and the /adapt-v0 workflow explicitly fetch chat source files from the public v0.dev Platform API (https://api.v0.dev) into designs// and the skill instructs the agent to read and act on those files/notes.md as part of the adaptation process, meaning untrusted third-party content can directly influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). Yes — the runtime script (scripts/fetch-v0.mjs) calls the v0 Platform API at https://api.v0.dev/v1 to fetch chat files (including notes.md) that are written into designs/ and then consumed by the adaptation skill, so remote content fetched at runtime can directly control agent prompts and is a required dependency.