supabase-edge-functions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly includes runtime examples that fetch and return data from public third-party sources (e.g., the "Function with External API Call" calling https://api.openweathermap.org and remote imports from https://deno.land and https://esm.sh), and the documented invoke/process-response workflows expect the agent to read and act on those returned contents, so untrusted external content could influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The function templates import remote Deno/ESM modules that are fetched and executed at runtime (e.g., https://deno.land/std@0.168.0/http/server.ts and https://esm.sh/@supabase/supabase-js@2), so these URLs supply required code that will be executed by the runtime.