astro-6

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's mandatory Agent Workflow explicitly instructs an agent to "Verify latest Astro 6 docs via Context7/Exa" (SKILL.md) and the references include a "Live Content Collections" example that loads external data via a URL (references/new-features.md using myLiveLoader({ url: 'https://api.example.com/news' })), which shows the agent will fetch and interpret untrusted third-party content as part of its workflow and that content can influence implementation decisions.