expo-gaode-map-web-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls the public Gaode (Amap) Web APIs (see resources/web-api.md and SKILL.md: e.g., api.route.driving, api.poi.search, api.inputTips) and consumes returned, potentially user-generated/untrusted fields such as Step.instruction, POI names/addresses and input tips which the agent is expected to read/interpret to make routing or action decisions.