zhin-component-rendering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill exposes the agent to untrusted third-party content via the built-in "fetch" component (mentioned under Built-in Components) which can load remote URLs that the component renderer (before.sendMessage / renderComponents) will ingest and render into messages, enabling indirect prompt injection.