react-hooks-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill contains runtime network fetches that ingest and render external data—specifically the useFetch hook which calls fetch(url) (accepting arbitrary URLs) and the DataFetcher component that fetches and JSON-prints /api/users/${userId}—so the agent would read untrusted third-party content as part of its workflow.