configurator-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's introspect/diff/deploy workflow explicitly fetches configuration from arbitrary Saleor instances via the --url / $SALEOR_API_URL GraphQL endpoint (see SKILL.md and references/commands.md), writing remote state into config.yml which the agent reads and uses to drive deployments, so untrusted third-party content can materially influence actions.