hwc-stimulus-fundamentals

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes runtime code that ingests and processes external/user-generated content—e.g., Turbo Stream/WebSocket messages appended to the DOM (references/2023-12-05-stimulus-auto-sorting.md) and fetching arbitrary file URLs provided via data attributes in the Web Share API example (references/2025-11-25-stimulus-web-share-api.md)—which clearly reads/interprets untrusted third-party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The HTML example uses an importmap that loads and executes remote JavaScript modules at runtime from https://ga.jspm.io/npm:@hotwired/turbo@8.0.4/dist/turbo.es2017-esm.js and https://ga.jspm.io/npm:@hotwired/stimulus@3.2.2/dist/stimulus.js, which are required for the example to function and therefore constitute runtime remote code execution risk.