peekaboo

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's examples and commands (e.g., peekaboo type "supersecret") embed plaintext passwords directly into CLI commands, which would require the LLM to output secret values verbatim and enable exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md shows the tool can open and inspect browser windows and web pages (e.g., "peekaboo app launch 'Safari' --open https://example.com" and "peekaboo see --app Safari ... --annotate"), meaning it will read and act on arbitrary, untrusted third‑party web content displayed in the browser and thus could be influenced by indirect prompt injection.