svg

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to "webfetch https://github.com/software-mansion/react-native-svg/blob/main/USAGE.md" in SKILL.md and includes examples that load remote SVGs via SvgUri (e.g., https://example.com/image.svg), which means the agent will fetch and read public third‑party content that could influence its actions.