scaffold-nextjs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required Phase 3 setup explicitly instructs running shadcn registry add that fetches a remote registry JSON from https://ui.blode.co/r/{name}.json (references/app-setup.md), which the toolchain ingests to generate project code/components and thus can materially influence subsequent actions and behavior from untrusted third-party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill runs the command "npx shadcn@latest registry add @blode=https://ui.blode.co/r/{name}.json" at runtime, which fetches JSON templates from https://ui.blode.co that are injected as scaffolded UI components and are required for the scaffold, so this external URL directly controls generated project content.