tauri-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's docs explicitly show loading and fetching arbitrary external URLs (e.g., reference/javascript-api/webview.md newWebviewWindow/setUrl with 'https://new-url.com', reference/javascript-api/image.md fromUrl, and reference/acl/scope.md allowing "https://**" / http fetch patterns), so untrusted third‑party content can be ingested into WebViews or via HTTP and could influence runtime behavior.