gemini-imagegen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes Google Search grounding (see "Advanced Features -> Google Search Grounding" snippet and gemini_images._build_config which adds kwargs["tools"] = [{"google_search": {}}]), which makes the agent fetch and use open-web, user-generated/untrusted content as part of image-generation workflows, enabling indirect prompt injection.