beaver-cover-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-provided reference images (saved into refs/) and requires deep analysis and embedding of their extracted, "MUST/REQUIRED" elements into generated prompts (see references/workflow/reference-images.md and references/workflow/prompt-template.md and the SKILL.md sections on reference handling), so untrusted third-party/user-generated content can directly influence prompt construction and generation behavior.