google-maps-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill makes direct calls to public Google Maps/Places endpoints (e.g., places.googleapis.com and maps.google.com embed URLs) and explicitly fetches/display user-generated fields such as place reviews and photos (see cmd_place_details and the SKILL.md HTML/embed sections), so it ingests untrusted third‑party content that could influence agent behavior.