i18next

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's reference docs (references/configuration.md "Loading Translations" and references/patterns-and-plugins.md) explicitly show using backend plugins like i18next-http-backend and i18next-locize-backend which load translation JSON from HTTP endpoints/CDNs (untrusted, user-provided content) that i18next reads and interprets (nesting, interpolation, formatting), so those third-party translations could materially influence runtime behavior.