google-maps-reviews-api-skill
Warn
Audited by Snyk on Feb 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches user-generated Google Maps reviews via the BrowserAct API (see SKILL.md "extract reviews from Google Maps" and the script calls to https://api.browseract.com/v2/workflow in scripts/google_maps_reviews_api.py). It ingests the review "text" and related fields as part of its workflow for analysis and decision-making, so untrusted third-party content could materially influence agent behavior and enable indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's runtime script makes API calls to the BrowserAct service (https://api.browseract.com/v2/workflow), and requires a BrowserAct API key (https://www.browseract.com/reception/integrations), to start and poll a remote workflow template (TEMPLATE_ID) that executes the scraping workflow. This means external code/instructions are executed and are required for the skill to function.
Audit Metadata