base-ui-overview-quickstart

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly instructs checking and re-checking public docs (e.g., "Confirm llms.txt and overview/releases" and the canonical references like https://base-ui.com/react/overview/releases and https://base-ui.com/llms.txt in SKILL.md and references/release-snapshot.md), which means the agent will fetch and interpret open public third-party content that can affect decisions.