geo-query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to fetch and interpret data from the public Geo GraphQL endpoint (https://testnet-api.geobrowser.io/graphql) — see SKILL.md and examples/discover-schema.md — and explicitly notes the graph is permissionless/user-generated, so queried third‑party content is untrusted and can change subsequent schema-discovery and publishing actions.