appstorereject
Warn
Audited by Snyk on Apr 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). Yes: the SKILL.md routing and examples explicitly instruct the agent to fetch and interpret results from the public API (e.g., https://api.appstorereject.com/api/search and the script's BASE_URL https://modest-ant-119.convex.site). These endpoints return public/user-submitted rejection content that the agent is expected to read and use to decide remediation and generate appeals, so untrusted third-party content can materially influence actions.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).