ads-photoshoot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts a "product URL" in Step 1 (Collect Product Information) — an arbitrary public web resource — and those fetched image/description contents are incorporated into constructed prompts and fed to the banana generator, so untrusted third‑party content can materially influence tool behavior.