catalyst

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required "Data Fetching" workflow and templates (references/data-fetching.md and assets/page-template.js) instruct implementing serverFetcher/clientFetcher that fetch arbitrary external APIs (example: https://api.example.com) and the navigation/lifecycle docs (references/navigation.md, references/lifecycle-and-shell.md) show fetch results can trigger redirects or lifecycle actions, so the agent would read and act on untrusted third-party content fetched at runtime.