JArchi Scripting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports loading/cloning models from public repositories and arbitrary paths (e.g., references/cli-reference.md: --modelrepository.cloneModel "https://github.com/user/repo.git" and --loadModel / $.model.load()), and its example scripts read element fields such as documentation (e.g., $("element").each(function(e){ ... e.documentation ... })), so untrusted user-generated model content from the open web would be ingested and interpreted as part of the workflow.