design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Process" and the references (e.g., "Research Prior Art" in SKILL.md and the prior-art lists in references/components.md and references/features.md) explicitly require consulting public third‑party sites (Base UI, WAI‑ARIA APG, Media Chrome, Vidstack, Video.js, Plyr), so the agent is expected to fetch/read untrusted external web content as part of its required workflow and that content could materially influence design decisions.