macos-swift-desktop

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill’s documentation (references/advanced-rendering.md under “WKWebView embedding in AppKit”) explicitly shows loading arbitrary URLs via webView.load(URLRequest(url:)) and wiring a WKScriptMessageHandler that parses message bodies (e.g., "navigate") and invokes native handlers, which clearly exposes the agent/app to untrusted third‑party web content that can influence behavior.