mobbin-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill calls the search_screens tool to fetch and return real app screenshots from Mobbin (see SKILL.md: "it runs the search server-side, fetches every matching image, and returns them to you as inline image content blocks" and later instructions to "read the screens" and base analysis/boards on them), so the agent ingests untrusted third‑party web content that can influence its decisions.