security-firebase-apk-scanner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime workflow explicitly performs network requests to public Firebase endpoints (e.g., "curl https://-default-rtdb.firebaseio.com/.json", Firestore REST calls, and storage REST/gsutil access) which fetch untrusted, user-generated third-party content that the agent is expected to read and act on as part of testing, enabling indirect prompt-injection via the retrieved data.