qingtui-message-sender

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's script (scripts/send_qingtui_message.swift) and SKILL.md show it takes screenshots of the QingTui app and runs OCR on chat/search UI, thereby ingesting user-generated third-party message and contact text from the messaging app UI for decision-making and verification.