fumadocs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs a research sub-agent to fetch public documentation starting at https://www.fumadocs.dev/llms.txt and then retrieve multiple .md pages from that public site, meaning the agent will ingest and act on untrusted, third-party web content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs the sub-agent at runtime to fetch the documentation index at https://www.fumadocs.dev/llms.txt (and then fetch .md pages from https://www.fumadocs.dev/...), and those fetched docs are injected into the agent's research context to drive prompts/responses, so remote content directly controls the agent.