cloudinary

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md explicitly permits fetching arbitrary external content—e.g., the "Upload Asset" action ("upload-asset — Upload a media asset ... to Cloudinary from a URL") and the "proxy requests" flow—so the agent can ingest untrusted public URLs/API responses that could influence later actions.