wispr-flow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill generates HTML reports (scripts/daily-recap.js -> generateHTML) that include external resources — e.g., Google Fonts (fonts.googleapis.com / fonts.gstatic.com), html2canvas from the Cloudflare CDN, and numerous app-icon URLs (App Store, cursor.sh, etc.) — and SKILL.md explicitly instructs offering to open the HTML and use the built-in Share button, so opening/ rendering the report will fetch and execute third-party content that could read the local transcript text and materially influence sharing/behavior.