emoji-sticker-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary external image URLs in SKILL.md (e.g., the image_urls fields in Quick Start and use-case examples) and the SSE docs (references/SSE-EVENTS.md) show web_search_query/web_search_citations events that ingest and surface open-web URLs, so untrusted third-party content is fetched and can influence the agent's decisions and follow-up actions.