vercel-ai-elements

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill documents components that explicitly load and render arbitrary third-party web content—notably the WebPreview component (iframe with defaultUrl/src and navigation), the Response component (allowedLinkPrefixes/allowedImagePrefixes defaulting to ["*"]), and InlineCitation/Sources which accept and display external URLs—so it clearly exposes the agent to untrusted, user-provided web content that could carry indirect prompt injections.