create-scene

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to fetch external preview thumbnails and download 3D models from public URLs (e.g., "fetch the preview thumbnail (the preview: URL at the end of each catalog line)" and the curl example to https://models.dclregenesislabs.xyz/...), which are untrusted third‑party resources used to choose and import assets and thus can influence subsequent tooling and decisions.