saleor-apps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md "Before writing code" step explicitly instructs the agent to fetch live docs from public sites (e.g., https://docs.saleor.io/docs/developer/extending/apps/overview and site:github.com searches) and to read those external pages as part of its workflow, so third-party content can materially influence subsequent actions.