oma-frontend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs the agent to call shadcn registry tools (e.g., "shadcn_search_items_in_registries" and "shadcn_get_item_examples_from_registries") and lists "Network: ... registry tools" as a resource, meaning the agent will fetch and review external registry/example content (third-party, likely user-contributed) and act on it to decide installs/implementations — exposing it to untrusted third-party content that could inject instructions.