axiom-apple-docs-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly instructs the agent to navigate and read public WWDC pages on developer.apple.com (via the Chrome browsing tool) and to fetch API docs from the third-party sosumi.ai site, and then to read/interpret those transcripts/docs to reconstruct code and drive follow-up actions—meaning arbitrary content from those public sites can materially influence the agent's behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly instructs runtime navigation and WebFetch to external pages (e.g., https://developer.apple.com/videos/play/wwdc2025/278/ and https://sosumi.ai/documentation/widgetkit) whose fetched content is injected/read into the agent context and thus can directly control prompts and outputs.