virtual-agent/android

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The skill’s required runtime workflow is to load a host “campaign URL” into an Android WebView and then inject/handle JS bridge callbacks; the WebView will ingest outsider-authored free text from that externally hosted page (public campaign content) which can indirectly influence the agent’s LLM context via callback payloads/DOM content.