design-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow ("Phase 2: Survey Multiple Sources" and "Phase 3: Evaluate Templates" plus "Present to the User") explicitly directs the agent to fetch and inspect public template marketplaces and demo pages (e.g., ThemeForest, Webflow, Framer, Shopify Theme Store) and to extract layout, palette, and section information from those third‑party URLs, which are untrusted web content that can materially influence subsequent decisions and actions.