saleor-storefront

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The AGENTS.md and references explicitly instruct the agent to fetch and inspect public third‑party content (e.g., "cd /tmp && git clone --depth 1 https://github.com/saleor/saleor.git" and links to https://docs.saleor.io) for resolver/permission behavior, meaning the agent will read untrusted external content that can materially influence its actions.