image-gen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Interaction Flow Step 4 ("Reference Images" URL mode) explicitly accepts arbitrary external image URLs and builds fileData objects with fileUri to include in the generation request, so untrusted third-party content from public URLs will be ingested and can influence the image-generation behavior.