another-android

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill exposes the agent to arbitrary web content by providing another_open_url (opens any URL in the device browser) combined with the documented workflow that requires taking screenshots and interpreting the device screen ("Screenshots are the primary way to understand what's visible on the device" in SKILL.md), so untrusted third‑party pages can be fetched and influence subsequent touch/text actions.