android-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests and interprets on-device UI text and screenshots (references/interact.md) and executes journey steps from XML (references/journeys.md), which can include WebView or user-generated/public content whose text the agent must read and act on, so untrusted third-party content can materially influence actions.