app-store

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly allows WebSearch and instructs the agent to use and interpret public third‑party ASO/intelligence sources (see apple-search-ads/SKILL.md allowed-tools and Keyword Research Process referencing SearchAds, AppTweak, AppFollow, App Store autocomplete and Search Terms reports), so the agent would fetch and act on untrusted public web content to make campaign/keyword/bid decisions.