openai-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md Vision (Image Analysis) example passes an image_url (e.g., "https://example.com/image.jpg") into the model, which clearly enables ingesting and interpreting arbitrary external/untrusted images (third‑party URLs) as part of the workflow and could therefore indirectly inject instructions via visual content.