canvas-table-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly instructs the agent to read files from the installed package (e.g., node_modules/@qfei-design/canvas-table/package.ai.json, docs/agent-usage.md, recipes.json) and to install the package if missing, so third-party package-authored content (fetched from public registries) is ingested and can directly influence which recipe/actions the agent takes.