gpt-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md demonstrates passing arbitrary external image and mask URLs (e.g., the "Image Editing with Reference" and "Inpainting with Mask" examples showing "images": ["https://your-image.jpg"] and "mask": "https://car-mask.png"), which means the agent fetches and interprets untrusted third-party content that can materially influence generation/editing behavior.