nuxt-geo-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs generating and serving /llms.txt and a full plaintext /llms-full.txt (see server/routes/llms-full.txt.ts and the "Generate llms.txt and llms-full.txt" sections) and even tells operators to "Fetch https://your-site.com/llms.txt" with ChatGPT/Claude, which means external LLMs will be expected to fetch and ingest arbitrary public site content (potentially user-generated/untrusted) that can materially influence model behavior — enabling indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The Nitro route server/routes/llms-full.txt.ts performs a runtime $fetch to ${baseUrl}${path} (default shown as https://example.com) to pull remote HTML and inject plaintext into /llms-full.txt for LLM ingestion, which means fetched external content can directly control model context at runtime.