portrait-enhancement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required API workflow (Quick Start and multiple examples in SKILL.md) accepts arbitrary external image_urls (e.g., "image_urls": ["https://example.com/portrait.jpg"]) which the agent fetches and processes to decide edits and ask clarifying questions, so untrusted third-party content can directly influence tool use and next actions.