screenpipe-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly starts a ScreenPipe OCR service that captures and exposes screen text from work apps including Slack and Notion ("What It Does" and "Done Message" / "View your data anytime: open http://localhost:3030"), meaning untrusted/user-generated third-party content is ingested and used by the agent to answer queries and drive behavior.