world-labs-multi-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts arbitrary public image URLs (see the "Using Public URLs" example with content.source: "uri" and a uri field) that the model ingests and interprets as part of world generation, exposing it to untrusted third-party user-provided content that could carry indirect prompt injection.