owntracks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches public POI data from the AMap REST API (see scripts/nearby.mjs and the "Nearby Search (AMap/高德)" section in SKILL.md), so the agent ingests untrusted third‑party content (AMap responses) that the workflow reads and can materially influence actions or decisions.