website-to-hyperframes
Warn
Audited by Snyk on Jun 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.95). Step 1 runs npx hyperframes capture <URL> and then reads extracted free-form page content, such as extracted/visible-text.txt and extracted/asset-descriptions.md, into the agent’s working summaries, where the source text is authored by the third-party website being captured.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs a runtime capture of arbitrary external sites via the command "npx hyperframes capture " (e.g., https://...) and then instructs the agent to read extracted files (images, shaders.json, Lottie/JSON, text) and use them to drive prompts, storyboard decisions, and composition code, meaning fetched remote site content can directly control agent instructions and runtime-executed code.
Issues (2)
- MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata