android-device-automation

Warn

Audited by Snyk on Apr 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's instructions (e.g., the "Launch an App or URL" examples like npx @midscene/android@1 launch --uri https://www.ebay.com together with the "Take Screenshot" and "read the saved image file to understand the current screen state before deciding the next action" workflow) require loading and visually reading arbitrary public web pages on the device, meaning untrusted third-party content can be ingested and influence subsequent automated actions.

Issues (1)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 1, 2026, 08:06 AM
Issues: 1