storefront-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill requires connecting to arbitrary Saleor GraphQL endpoints supplied by the user (Step 1 "Saleor instance check") and then fetching and parsing product data and config output (Step 3 GraphQL queries, description parsing, and the configurator's config.yml), so untrusted, user-generated content from those third-party instances is read and used to drive queries, codegen, env configuration, and UI/behavior.