spline-3d-integration
Warn
Audited by Snyk on Mar 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly embeds and loads user-created Spline scenes from public prod.spline.design URLs (see SKILL.md Step 2 and the many guides and examples that use Spline scene="https://prod.spline.design/.../scene.splinecode", spline.load(sceneUrl), and the preload href). It therefore fetches untrusted, third-party user-generated content that the runtime API reads and reacts to (events, variables, object data), so the contents of a scene file can influence application behavior.
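The practical mitigation for W011 is to treat both the scene URL and whatever the loaded scene reports back as untrusted input. The following is an added example written for this audit page, not code from the audited skill or from Spline. The SCENE_HOST allowlist, the ACTIONS table and its object names, and the {target:{name}} event shape are assumptions made for illustration.

```javascript
// Added example (not from the audited skill): validate the scene URL before
// handing it to spline.load() / the scene prop, and treat scene events and
// variables as untrusted values rather than as instructions.
const SCENE_HOST = "prod.spline.design"; // assumed allowlist: the host the skill uses

// Accept only https://prod.spline.design/<path>.splinecode with no query string,
// fragment or embedded credentials. Returns the normalised URL or null.
function validateSceneUrl(raw) {
  let u;
  try {
    u = new URL(raw);
  } catch {
    return null; // relative, protocol-relative or malformed URL
  }
  if (u.protocol !== "https:") return null;
  if (u.hostname !== SCENE_HOST) return null; // exact match: blocks prod.spline.design.evil.example
  if (u.username || u.password) return null;
  if (u.search || u.hash) return null;
  if (u.pathname.includes("..")) return null;
  if (!u.pathname.endsWith(".splinecode")) return null;
  return u.href;
}

// Object names inside a scene are chosen by the scene author. Map them to app
// actions through a fixed table so a name is only ever a lookup key, never code.
const ACTIONS = Object.freeze({
  "open-docs": () => "navigate:/docs",      // assumed action names
  "toggle-theme": () => "theme:toggled",
});

// `ev` mirrors a {target:{name}} runtime event callback argument; that shape is
// an assumption for this example, not taken from the runtime's typings.
function dispatchSceneEvent(ev) {
  const name =
    ev && ev.target && typeof ev.target.name === "string" ? ev.target.name : "";
  // hasOwnProperty, not `in`: a scene object named "constructor" or "__proto__"
  // must not reach prototype members of the table.
  const action = Object.prototype.hasOwnProperty.call(ACTIONS, name)
    ? ACTIONS[name]
    : null;
  return action ? action() : null; // unknown objects do nothing
}

// Scene variables that drive app state are coerced to the expected type and
// clamped to a range before use, instead of trusting what the scene declares.
function readCount(value, { min = 0, max = 100 } = {}) {
  const n = Number(value);
  if (!Number.isFinite(n)) return min;
  return Math.min(max, Math.max(min, Math.trunc(n)));
}
```

Only the value returned by validateSceneUrl should reach spline.load() or the scene prop. Note that a scene fetched from a public URL can change after review; self-hosting the reviewed .splinecode export removes that window entirely.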
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill loads JavaScript at runtime from CDN URLs (e.g. https://unpkg.com/@splinetool/viewer/build/spline-viewer.js and the runtime import https://unpkg.com/@splinetool/runtime@latest/build/runtime.module.js). These scripts are fetched and executed in the page and are required for the Spline embeds to function, so they constitute runtime execution of external code. Neither URL pins a version (the first omits it, the second resolves the @latest tag), so the code that actually runs can change without any change to the skill.
Audit Metadata