nuxt-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's documentation and examples show fetching and processing data from arbitrary external endpoints (e.g., $fetch('https://api.example.com/data') in the "$fetch
• Client-Side Only" section and useFetch/useAsyncData examples with baseURL/external URLs), meaning the agent can ingest open third‑party responses that may be untrusted or user‑generated and thus could carry indirect prompt injection.