alicloud-ai-multimodal-qwen-vl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary HTTPS image URLs (see SKILL.md "image: HTTPS URL, local path, or data: URL" and scripts/analyze_image.py's resolve_image_input) and sends those external images to the Qwen VL model for interpretation, so untrusted public image content can be ingested and materially influence model outputs and downstream actions.