peekaboo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly shows opening and interacting with Safari (e.g., peekaboo app launch "Safari" --open https://example.com and peekaboo see / peekaboo image --analyze) so the agent can capture and analyze arbitrary web pages or other untrusted app content and then drive clicks/typing based on that content.