google-maps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill calls Google Maps APIs (search_places and get_place_details) which retrieve public, user-generated place details and reviews from Google Maps that the agent is expected to read and could influence recommendations or next actions, creating a pathway for indirect prompt injection.