social-card-gen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Node.js path explicitly supports a --url option and generate.js's loadInput() calls fetch(options.url) to read arbitrary webpages (see generate.js and the "URL input" examples in SKILL.md/README), and that fetched, untrusted page text is cleaned and directly used to compose/share social posts (renderTemplate/context), so third-party content can materially influence generated outputs.