airloom

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly calls the public airloom.fm API and parses its responses (see scripts/upload.sh and SKILL.md), reading upload_result.* fields including apiKey, auth_mode, showUrl, qr, title/description from the public site and then using those fields to drive actions (saving API keys, reporting permanence, displaying QR codes), so untrusted/user-generated content from airloom.fm can influence agent behavior.