ark-embedding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples and functions accept and fetch arbitrary external image/text URLs (e.g., get_embedding/generate_image_embeddings and multimodal inputs using "image_url" such as the image_urls list and batch_inputs), meaning the agent ingests untrusted public third‑party content for embedding/search and could therefore be subject to indirect prompt injection.