spline-3d-integration
Warn
Audited by Snyk on Apr 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs agents to load and interact with user-generated Spline scenes from public URLs (e.g., https://prod.spline.design/.../scene.splinecode) and to import runtime/content from public CDNs (e.g., unpkg), and the guides/examples (guides/REACT_INTEGRATION.md, guides/VANILLA_INTEGRATION.md, examples/interactive-scene.tsx) show reading scene variables/events and performing actions based on that content, which could allow untrusted third-party content to influence runtime behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill loads and executes remote JavaScript from the unpkg CDN at runtime (e.g. https://unpkg.com/@splinetool/viewer/build/spline-viewer.js and the runtime import https://unpkg.com/@splinetool/runtime@latest/build/runtime.module.js). These scripts are fetched and executed in-client as required dependencies for the embeds, so they constitute remote code execution at runtime.
Issues (2)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata