recreate-thumbnails

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly downloads public YouTube thumbnails (get_youtube_thumbnail calling img.youtube.com) and accepts arbitrary image URLs via --source (download_image), then analyzes those untrusted, user-generated images for face pose and passes them as inputs to the generation model (and uses pose to pick references), so externally-hosted content can influence model behavior and tool decisions.