uniapp-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow instructs the agent to read the provided references and those references include explicit runtime flows that fetch and act on external, potentially untrusted content (e.g., RenderJS dynamic script loading from a CDN and web-view loading arbitrary URLs in references/advanced-features.md, and remote wgt update JSON/wgtUrl download-and-install behavior in references/community-practices.md), which the agent would parse and use to drive actions (navigation, downloads, code execution), enabling indirect prompt injection.