spectacles-networking

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs runtime fetching and embedding of arbitrary external URLs (InternetModule.fetch / makeResourceFromUrl) and Web View usage (webViewComponent.setUrl and onMessageReceived) so the agent will read/interpret untrusted third‑party webpages/JSON/messages and act on that data.