app-store-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and parses public, user-generated App Store content (e.g., the Reviews RSS/customerreviews endpoints in endpoints/reviews.md and the apps.apple.com scraping in endpoints/similar.md), so the agent would ingest untrusted third-party text (user reviews and scraped page content) as part of its workflow.