mobile

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md Key Capabilities explicitly says the skill can "query external APIs for real-time guideline updates, e.g., fetching Apple guidelines via unofficial scrapers," which indicates it scrapes public app-store webpages and ingests that third-party content to drive validation and decision-making.