tauri-app-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes examples that fetch and process arbitrary external URLs (e.g., references/commands-and-ipc.md's download_file(url) example and the frontend invoke call with { url: 'https://example.com/file' }, plus updater/http permissions and remote-access examples in references/security.md and references/plugins.md), so it clearly ingests untrusted third-party web content as part of its workflow.