budge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly loads a third-party runtime from https://www.budge.design/budge.iife.js (SKILL.md and references/INSTALL.md) which generates and copies edit prompts to the clipboard that the agent is expected to read/act on when the user pastes them, so untrusted remote content can indirectly inject instructions into the agent's workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly loads and requires the remote IIFE at https://www.budge.design/budge.iife.js during runtime (via in INSTALL.md and SKILL.md), which executes fetched code in-page and is a required dependency for the widget to function.