stardust

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's extract/prototype workflow explicitly crawls and ingests live public sites (see SKILL.md setup and the artifact map: stardust/current/pages/.json, stardust/current/_crawl-log.json) and the prototype viewer may load the live URL (prototypes/.html left iframe), so arbitrary third‑party web content is read and used to drive commands and decisions.