blender-impl-addons
Warn
Audited by Snyk on Mar 24, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's documentation explicitly includes runtime network fetching from arbitrary URLs (see "Network Access (Extension Requirement)" with fetch_remote_data(url) and the Asset Downloader example in references/examples.md/downloader.py using requests.get, plus pip download examples for wheels), so it ingests open/public third-party content that the extension is expected to read and that can materially influence behavior.