image-illustration-upload

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly uses WebFetch to retrieve images and links from public, user-contributed sites (Wikimedia Commons, Google Arts & Culture, Unsplash, Pexels, Pixabay) and searches arbitrary public image URLs that the agent is expected to read/interpret to select and insert images, exposing it to untrusted third-party content.