cross-platform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests untrusted, user-provided content — e.g., via the Share extension (reading extensionContext inputItems), JSON import (importFromJSON), and URL deep-links (onOpenURL handling myapp://new?content=...) — and then reads/stores/acts on that content, which could enable indirect prompt injection.