templates

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The required workflow reads upstream docs and canonical template/module content from public URLs at runtime (e.g., https://coder.com/docs/llms*.txt, https://registry.coder.com/templates, and https://registry.coder.com/modules), which can include outsider-authored free text that may be ingested into the agent’s LLM context.