matrixscan-batch-android

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md and integration.md explicitly instruct the agent to fetch and read public documentation pages (e.g., docs.scandit.com API pages and https://central.sonatype.com/artifact/com.scandit.datacapture/barcode to extract the latest SDK version), so the agent will ingest open third‑party web content that can directly affect code-generation and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The integration guide explicitly instructs the skill at runtime to fetch and parse external documentation/version pages (notably https://central.sonatype.com/artifact/com.scandit.datacapture/barcode to extract the latest SDK version and the Scandit API pages at https://docs.scandit.com/... to verify method signatures), meaning external content is fetched during runtime and directly controls the generated instructions/code.