open-autoglm-phone-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and reasons over device screenshots ("Input: Screenshot + task description" and examples like "Open Instagram..." and aiQuery), meaning it reads untrusted/user-generated app and web content from third-party apps which can materially influence generated actions.