denji

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and ingests icons from the public Iconify registry (see "denji add — Add icons from Iconify" in SKILL.md), so untrusted third-party SVG content is read and interpreted as part of its workflow and could influence generated outputs or subsequent actions.