peekabo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow and the CLI reference explicitly instruct running "peekaboo see --app 'Safari' --json-output" and then acting on captured UI elements (click/type/scroll), which means the agent ingests arbitrary content displayed in a browser (potentially untrusted public web pages) that can influence its subsequent actions.