product-content-enrichment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's image-tagging workflow (evals/image-tagging-and-human-review-workflow/task.md and its inputs/images.json) requires calling AI vision APIs on public image URLs (e.g., Unsplash CDN links) so the agent ingests untrusted, third-party user-hosted images and interprets them as part of the tagging/review pipeline.