exif_metadata_analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to load and analyze EXIF from arbitrary image_bytes (user/uploaded images), reading untrusted user-generated metadata and using it to set antifraud flags (e.g., add EXIF_EDITING_SOFTWARE), so third-party EXIF content can materially influence agent decisions.