israeli-shipping-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 4 in SKILL.md and the references/carrier-apis.md) explicitly instructs scraping/reading tracking pages and endpoints from public carrier sites (e.g., mypost.israelpost.co.il, hfd.co.il, chita-il.com) and using that live tracking data to normalize statuses and drive notifications/decisions, exposing the agent to untrusted third-party content.