instagram-carousel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Step 1 explicitly states "If the user provides a website URL or brand assets, derive colors and style from those," which requires ingesting content from arbitrary public websites/brand assets provided by users and using that data to drive design and HTML generation, so untrusted third-party content can influence the agent's outputs and decisions.