saleor-paper-storefront

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly instructs agents to fetch and inspect external public content (e.g., "Step 2: Check Saleor Source for Behavior" and the clone command "cd /tmp && git clone --depth 1 https://github.com/saleor/saleor.git saleor-core", plus running API introspection with "pnpm generate" and executing GraphQL queries), which the agent is expected to read and use to drive code changes and decisions — exposing it to untrusted third‑party content that could enable indirect prompt injection.