wordpress-elementor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's core workflow explicitly reads and manipulates site content from arbitrary WordPress installs (e.g., "wp @site post meta get {post_id} _elementor_data", WP-CLI post lists, and browser navigation to https://example.com/wp-admin/... and import/export of templates), which are untrusted/user-generated sources the agent is expected to parse and act on, allowing third-party content to influence subsequent tool actions.