vmos-edge-container-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary URLs for fetching/installing files (see references/apps-and-files.md: POST /android_api/v1/install_apk_from_url_batch and /upload_file_from_url_batch with example "https://example.com/app.apk"), meaning it will cause the host to fetch untrusted third‑party content that can materially influence subsequent tool actions.