letzai-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly accepts and fetches arbitrary external/user-provided content — e.g., imageUrl / inputImageUrls in POST /image-edits and POST /upscales (and videos), and lists user-trained models via GET /models — and the agent is expected to read and use those results (model names, thumbnails, and generated image/video URLs) as part of its workflow, exposing it to untrusted third‑party/user‑generated content that could enable indirect prompt injection.