iblai-course-access

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill embeds and interacts with external edX/MFE pages via (loading URLs from NEXT_PUBLIC_LMS_URL / NEXT_PUBLIC_MFE_URL and serving the discussion/forum tab) and explicitly handles postMessage events (e.g., auth.jwt.ready) and iframe-driven navigation/events (onNavigate, timed-exam, onCourseMentorChange), so untrusted user-generated third‑party content can be read and materially influence navigation and actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes payment gateway integration: it imports and uses useCreateStripeCheckoutSessionMutation, references Stripe checkout redirects and the Stripe success_url (dmUrl) in the layout and useCourseDetail flow. These are specific Stripe checkout APIs (payment gateway) — not generic tooling — so the skill grants direct financial execution capability.