insane-design-build

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports a "URL 레퍼런스" path that, when selected, performs an analysis subcall to read and ingest arbitrary user-provided website URLs to generate a design.md (see "Step 0: Entry" and "URL 레퍼런스 → analysis 서브호출"), so untrusted third‑party page content is read and used to drive build decisions.