vhscli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly documents that the nano-banana-2 generator can be run with --search and --image-search (Google search/image search) which ingests open web content (public pages/images) to ground generation, meaning untrusted third‑party content is fetched and can directly influence model outputs and subsequent tool behavior.