wp-playground

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill accepts and executes blueprints from arbitrary public URLs (e.g., "npx @wp-playground/cli run-blueprint --blueprint=" and "playground.wordpress.net/?blueprint-url="), meaning the agent fetches and interprets untrusted third-party content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill accepts blueprints via runtime URLs (e.g., https://playground.wordpress.net/?blueprint-url= and the CLI's --blueprint=), which fetch external JSON/zip content at runtime that directly controls the Playground's setup/instructions, so this is a runtime dependency that can control execution.