expo-api-routes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's ai+api.ts example reads a "prompt" from request.json() and forwards it to https://api.openai.com/v1/chat/completions (and other examples fetch external APIs like https://api.weather.com using user-controlled params), so it clearly ingests untrusted/user-provided or third-party content that the agent will read and return.