ipsw

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and processes firmware from arbitrary public URLs (e.g., "ipsw extract --kernel --remote <IPSW_URL>" in references/download.md and "ipsw download ... --urls"), and also references public/user-contributed sources (e.g., iPhone Wiki) whose untrusted binary/content is then analyzed (including optional LLM-powered decompilation like "--dec-llm copilot" in references/dyld.md), so external content can be ingested and materially influence tool/LLM behavior.