ordercli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly fetches and interacts with the Foodora website (e.g., "ordercli foodora orders", "ordercli foodora history show", and "ordercli foodora session chrome --url https://www.foodora.at/"), reading live third-party page/account data and using it to drive actions like tracking orders and performing reorders, so untrusted external content from the public Foodora site can materially influence tool behavior.