cloudkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly ingests and acts on user-generated CloudKit data (e.g., accepting CKShare metadata and fetching shared records from container.sharedCloudDatabase, plus fetching/processing records via CKFetchRecordZoneChangesOperation and CKFetchRecordZoneChangesOperation.recordWasChangedBlock), which are untrusted third-party sources that can influence application behavior.