supabase-vercel-shop

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly reads and renders arbitrary user-provided CMS and product data from a user Supabase project (see src/lib/cms.ts: getPageContent/getSetting/getNavigation and usages throughout the app, including dangerouslySetInnerHTML for product.description), so it ingests untrusted third-party content as part of its runtime workflow.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly an e-commerce platform built to handle payments: it lists Stripe in the tech stack, requires Stripe account setup ({{STRIPE_ACCOUNT}}), includes "Shop Integration: Connect Stripe", "Checkout Flow" and "Stripe Webhooks", and enforces GBP/pence formatting for Stripe. These are specific payment gateway integrations (Stripe) and checkout/webhook flows for processing transactions — not generic tooling — so it grants direct financial execution capability.