lazycat-sdk-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs applications to parse the filepath parameter and read arbitrary user files from the lazycat cloud drive (e.g., via the mounted /lzcapp/run/mnt/home or platform API described in SKILL.md), thereby ingesting untrusted, user-generated content that could contain instructions influencing app behavior.