gis-maps-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and reference files (e.g., references/google-routing-directions.md and references/google-places-autocomplete.md) show runtime fetches from public provider APIs and tile servers (maps.googleapis.com, Mapbox/OSM tile URLs) and explicitly consume untrusted third-party content such as Google Directions step.instructions and Places predictions which the agent is expected to read/interpret and which can influence routing, UI rendering, and subsequent actions, creating a clear vector for indirect prompt injection.