website-to-hyperframes

Warn

Audited by Snyk on May 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs running a web capture (npx hyperframes capture ) and then requires the agent to read captured third‑party site artifacts (e.g., capture/extracted/visible-text.txt, capture/extracted/asset-descriptions.md) and to use exact text/numbers and assets from those files to drive SCRIPT.md and STORYBOARD.md (see references/step-1-capture.md, references/step-3-script.md, references/step-4-storyboard.md), so untrusted public web content is ingested and can materially influence the agent's decisions and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill invokes a runtime capture of arbitrary external sites via "npx hyperframes capture " (example: https://stripe.com) and then uses the captured visible-text/assets to drive SCRIPT.md, STORYBOARD.md, and downstream prompts — meaning fetched remote content directly controls the agent's instructions and is a required dependency.

Issues (2)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level: MEDIUM
Analyzed: May 26, 2026, 07:47 PM
Issues: 2