dev-swarm-use-computer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md instructs the agent to take screenshots of arbitrary screen regions ("Take a Screenshot" section) and to use visual verification to guide subsequent mouse/keyboard "input" actions, meaning untrusted public content visible on the user's screen (e.g., webpages, social media, forums) could be ingested and directly influence tool actions.