z-ai-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill exposes the agent to untrusted third‑party content because it includes a Web Search tool and standalone /web_search endpoints (references/tools-and-functions.md and the Web Search Integration examples) and accepts arbitrary image/video/file URLs in chat messages (references/chat-completions.md), which cause the agent to fetch and read public web pages and user-generated media as part of its workflow.