21st-dev-components

Warn

Audited by Snyk on Mar 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's Auto mode explicitly instructs the agent to crawl a user-provided reference site URL (SKILL.md "Auto Mode Workflow" Step 1) and the bundled scripts (resolve-21st-component.mjs and fetch-21st-source.mjs) fetch and parse public 21st.dev pages and arbitrary CDN URLs, meaning the agent ingests untrusted third-party web content and uses it to choose components and drive integration actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 20, 2026, 12:27 PM
Issues: 1