appwrite-swift

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md demonstrates ingesting and acting on user-generated/public Appwrite content (e.g., realtime.subscribe callbacks for tables/db rows and buckets.[BUCKET_ID].files, storage.listFiles, and Functions reading context.req.body) and even shows Permission.read(Role.any()) which makes resources publicly readable, so untrusted third‑party content can be read and materially influence behavior.