cloudkit-sync

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly ingests and acts on user-generated iCloud/CloudKit data—e.g., CKSyncEngine.handleEvent processing fetchedRecordZoneChanges, CKFetchRecordZoneChangesOperation.recordWasChangedBlock, CKDatabaseSubscription handling remote notifications, and accepting CKShare metadata (seen in SKILL.md and references/cloudkit-patterns.md)—so untrusted third-party content from other users' records can be read and directly influence merges, saves, and sync decisions.