Fastlane Tools founder Felix Krause says any Mac app, sandboxed or not, can call the CGWindowListCreateImage API function and secretly take screenshots of the user’s screen. He argues that miscreants can abuse this privacy loophole, using the function to take screenshots and read sensitive user data. Krause has filed a public bug with Apple and proposed some mitigations that Apple could take into consideration to prevent abuse of the API function. He says he privately reported the issue to Apple last November but the issue was not resolved.
Source: https://www.bleepingcomputer.com/news/apple/researcher-uses-macos-app-screenshot-feature-to-steal-passwords-tokens-keys/

