developing-with-streamlit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill documentation explicitly shows fetching and executing remote, public content (e.g., "streamlit run https://raw.githubusercontent.com/..." in using-streamlit-cli, cookiecutter from GitHub in packaged-components, and remote theme/font URLs in creating-streamlit-themes) which demonstrates the agent/workflow will ingest untrusted third-party resources that could materially influence execution.