nano-banana-pro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and fetches remote, user-provided image URLs and calls a third‑party Boluobao API (see SKILL.md's "Boluobao-specific options" and scripts/generate_image_boluobao.py), and the script prints API-returned text like "revised_prompt" which the agent/toolchain would read and could be used to influence subsequent actions, creating a clear vector for indirect prompt injection.