nextcloud-admin

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses data from an arbitrary NEXTCLOUD_URL (via WebDAV and OCS API calls such as PROPFIND, GET /shares, remote_shares, etc. shown in SKILL.md and references/api-reference.md), which is user-generated/untrusted content and is directly used to drive decisions and subsequent actions (e.g., accepting remote shares, creating/deleting shares), enabling indirect prompt-injection risks.