weaverse-hydrogen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and consumes public third‑party content as part of its runtime workflow — e.g., SKILL.md's "Live Documentation" scripts that call docs.weaverse.io and the docs' examples showing weaverse.fetchWithCache(), context.weaverse.loadPage() and the "Data Connectors" section (references/11-advanced-features.md) which fetches arbitrary external APIs and surfaces merchant-provided/studio data into page loaders and templates — and that untrusted external/merchant data is read and used to drive loaders, page rendering, and component behavior, so it could materially influence subsequent actions.