tinker-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's vision and messaging examples explicitly accept external image URLs (e.g., Message/ImagePart with image='https://example.com/image.png' and use of an image_processor/renderer) and it links to public GitHub/raw docs, which indicates the agent workflow can fetch and ingest arbitrary third‑party content (public URLs) that may be untrusted.