electron

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to connect to Electron apps and to discover and interact with targets (e.g., "https://example.com/widget") using snapshot/get text/click commands, meaning the agent will fetch and interpret arbitrary third-party web content embedded in apps, which can carry untrusted/user-generated instructions.