islamic-companion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill clearly fetches and ingests public, untrusted content (e.g., src/api.py and lib/api.sh call api.aladhan.com and islamicapi.com, src/quran_api.py and lib/quran.sh call api.alquran.cloud, and src/quotes.py/lib/quotes.sh call ilm.islamic.network) and the code (e.g., src/quran_search.py and src/scheduler.py / lib/scheduler.sh) reads that returned data and uses it to drive further actions (fetching specific ayahs and generating CRON_ADD scheduling jobs), so third‑party responses can materially influence tool use and next actions.