apktool

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to unpack and analyze arbitrary APK files and to extract and act on untrusted third-party content (e.g., searching for "https?://" in app resources and "Use extracted URLs with curl/wget" in the Integration section), so the agent would read and interpret user-provided / web-sourced content that could contain indirect prompt injections.