nano-banana-image-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Step 2: Source Reference Photos" explicitly instructs the agent to use WebSearch/WebFetch to find and download high-resolution images from public sites (e.g., Wikipedia/Wikimedia Commons, Library of Congress, press kits, professional photography sites) and then ingest those files via the --input flag for generation/editing, which clearly pulls untrusted third‑party content into the agent's workflow and can materially change subsequent generation/edit actions.