capawesome-cloud

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Live Update workflows explicitly allow registering and downloading self-hosted bundles from arbitrary URLs (see references/live-update-advanced-topics.md "Self-Hosting" / apps:liveupdates:register and references/live-update-plugin-api.md "downloadBundle" / the "Advanced: Manual Fetch + Download" flow), meaning the agent/app is instructed to fetch and apply untrusted external web assets that can materially change behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The Live Update feature clearly fetches and executes remote web bundles at runtime (default server domain api.cloud.capawesome.io and arbitrary self-hosted bundle URLs such as https://example.com/bundle.zip passed to apps:liveupdates:register or returned by fetchLatestBundle/downloadBundle), so those external URLs deliver code that directly controls app behavior.