canva

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and app.py include tools that fetch and ingest arbitrary public HTTPS URLs (import_design_from_url and upload-asset-from-url), meaning the agent will read untrusted third-party content from public websites which could embed instructions that influence subsequent actions.