thumbnail

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and download images from public websites (e.g., the "Using Official Logos" and "Proven Designs" sections which show downloading logos via curl and downloading YouTube thumbnails like https://img.youtube.com/vi/... to ./downloads/outliers/), then "read the image file to understand it" and use those external images for style transfer — exposing the agent to untrusted, user-generated public web content that can influence generation decisions.