This is the most common use of "scriptable" apps for end-users. Apps like , Automate , or MacroDroid essentially function as scriptable engines.

If you publish this as-is, you are vulnerable: