mac-native-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly integrates the Peekaboo MCP (see references/automation.md and the .mcp.json entry in SKILL.md/references/install.md) which captures screen content (including arbitrary web pages) and submits it to AI providers for analysis and can drive automated UI actions, so untrusted third‑party content could be ingested and influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes an MCP runtime entry that runs remote code via npx (npx -y @steipete/peekaboo) and documents the Peekaboo GitHub project (https://github.com/steipete/Peekaboo), which will be fetched-and-executed at agent runtime to provide a natural-language automation agent — i.e., runtime-fetching of remote code that executes and can control agent behavior.