wordpress-vip

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and examples (e.g., SKILL.md "External Requests" and Example 7 in references/DEPLOYMENT_EXAMPLES.md, plus references/PERFORMANCE.md and references/VIP_FUNCTIONS.md) explicitly show fetching and ingesting arbitrary external URLs via vip_safe_wp_remote_get and wpcom_vip_download_image for scheduled syncs and API calls, meaning untrusted public content is read and can influence processing and actions.