computer-use

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md requires using orca computer get-app-state to read screenshots and accessibility trees from local apps (explicitly mentioning browsers and Slack), which means the agent will ingest arbitrary third-party web/social content displayed in those apps that could contain instructions influencing its actions.