ti-howtos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes explicit runtime workflows that fetch and act on untrusted external content—e.g., references/android-platform-deep-dives.md demonstrates reading intent.getData() and calling handleDeepLink(url) to openProductScreen(productId), and other references show HTTPClient/NSURLSession and WebView remote content usage—so third-party URLs/data are ingested and can influence app behavior.