pptx

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md Images workflow explicitly requires calling image___search_image (or using returned image URLs) and downloading those external image URLs inside code_interpreter, meaning the agent fetches and ingests untrusted public third‑party content from the open web as part of its required workflow.