heuristic-evaluation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly asks the user to "share the interface (screenshot, URL, or description)" and states "If user provides a screenshot: Analyze visually" and accepts URLs, meaning it will ingest and interpret arbitrary user-provided or public web content (screenshots/URLs) which can be untrusted third-party input.