game-assets
Warn
Audited by Snyk on Apr 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill fetches and automatically downloads external URLs returned by the MeowArt/Gemini APIs (see _collect_http_urls, _save_gemini_response_assets and _download_named_urls in skills/meowart_api.py), and SKILL.md explicitly instructs downloading preview_image_url images for in-dialog display and selection. Untrusted third-party content is therefore ingested and used as part of the agent workflow, where it can influence subsequent decisions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).