app-reviews

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches and scrapes user-generated reviews from public third-party sources (Google Play via scripts/_lib/play.mjs and Apple App Store via scripts/_lib/ios.mjs called by fetch.mjs), then emits those reviews as JSON for the LLM to read/analyze (evaluate.mjs / SKILL.md), so untrusted third-party content can directly influence agent decisions and behavior.