displaying-html-in-flutter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill shows and loads arbitrary web/HTML content into an iframe/WebView (e.g., setting iframe src and calling _controller.loadUrl(widget.src)), and links to public demos/GitHub/YouTube, so it clearly can display untrusted third-party web content that could carry indirect prompt injections.