axiom-cloudkit-ref

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly includes code and workflow patterns that query and ingest records from CloudKit public/shared databases (e.g., "let publicDB = CKContainer.default().publicCloudDatabase" and the "Pattern 1: Initial Sync"/subscription examples) so the agent would read and act on untrusted, user-generated third‑party content.