axiom-app-intents-ref

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md includes a concrete runtime example under "Follow-Up Feature" where a shortcut fetches a recipe from Safari (an open/public website) and passes that third‑party content into the "Use Model" action to extract/modify ingredients and drive subsequent actions, so the skill clearly ingests untrusted web content that can influence behavior.