web-data-fetching-graphql-urql

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's examples and required workflow explicitly show the agent/client fetching and processing data from arbitrary GraphQL endpoints (e.g., GRAPHQL_ENDPOINT in SKILL.md and examples/exchanges.md and examples/subscriptions.md) — including user-generated queries/subscriptions (LiveChat, notifications, createPost) — and using those responses to drive behavior (cache updates, subscription handlers, mapExchange onError that triggers logout/redirect), so untrusted third-party content could materially influence actions.