anthropic-claude-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Vision/Multimodal section includes an explicit "From URL" image example (e.g., the messages.create call with "type":"image" and "source":{"type":"url","url":"https://example.com/image.jpg"}), which shows the agent fetching and interpreting images from arbitrary web URLs (untrusted third-party content) as part of its workflow.