flutter-mobile-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's .claude/settings.json explicitly allows WebFetch(domain:github.com) (and WebFetch(domain:docs.maestro.dev)) and the README references GitHub repos/docs, so the agent can fetch and read public, user-generated content from GitHub as part of its workflow, enabling indirect prompt injection.