article-figure-spot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary article content from users (Input: "Pasted text" — "Treat the pasted block as the source article") or via user-supplied file paths and then reads and analyzes that content to generate figure prompts/images, which exposes the agent to untrusted, potentially user-generated third-party content that could carry indirect prompt injection.