vision-multimodal

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly includes a "Pattern 2: Image from URL" example that fetches and ingests images from arbitrary URLs (and supports user-supplied PDFs/images via base64/Files API), meaning the agent will read untrusted third-party content from the open web as part of its workflow.