generators
Warn
Audited by Snyk on Feb 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The announcement-banner skill includes a RemoteAnnouncementProvider (announcement-banner/templates.md) that fetches announcements via URLSession.data(from: url) from arbitrary remote JSON endpoints. Those announcements can contain actions (deepLink or url) that AnnouncementBannerModifier will execute (openURL / deep-link routing), so untrusted third-party content is fetched and can directly influence app behavior.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill includes explicit, non-generic generators for in-app purchase and subscription functionality (paywall-generator: "Full StoreKit 2 implementation", "Product loading, purchasing, restoring"; subscription-lifecycle: "StoreKit 2 subscription lifecycle", "Transaction.updates", "purchase" flows). Those are concrete APIs to initiate and manage monetary transactions (StoreKit purchases/subscriptions), not just generic code or UI automation. Therefore it exposes direct financial execution capability.