canghe-cover-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-provided reference images and verbal style extractions (see "Reference Image Handling" and "Reference-Driven Design" in references/workflow/reference-images.md and references/workflow/prompt-template.md), requires deep analysis of those untrusted inputs, and mandates embedding specific "MUST/REQUIRED" instructions from them into generation prompts—allowing third-party content to materially influence actions.