editframe-cli

Warn

Audited by Snyk on May 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The CLI explicitly supports rendering from arbitrary remote URLs (--url in references/render.md). The cloud-render/process workflows load and execute the built or remote HTML in headless Chrome and call getRenderInfo()/parse the DOM (references/cloud-render.md and references/render.md). Untrusted third-party pages or user-generated HTML/JS can therefore be ingested and influence rendering behavior and tool actions.


Audit Metadata

Risk Level: MEDIUM
Analyzed: May 3, 2026, 12:45 PM
Issues: 1