asc-localize-metadata

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly downloads App Store Connect localization data via commands like "asc localizations download" (Step 2) and then feeds those user-provided app metadata strings to an LLM for translation (Step 3), meaning untrusted, developer-authored content from a third-party service is read and can influence subsequent actions (uploads), enabling indirect prompt injection.