vitepress

Warn

Audited by Snyk on Mar 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill documentation describes build-time data loaders and dynamic-route "paths" loaders that fetch remote APIs and include the returned content (see references/features-data-loading.md, "async load() { const response = await fetch('https://api.example.com/data') }", and the references/features-dynamic-routes.md examples that fetch from "https://cms.example.com/posts" and use the returned content). The agent can therefore ingest untrusted, user-generated third-party webpages/data as part of its build workflow and have that content drive page generation and configuration.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 09:20 AM