minimax-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and sends public reference-image URLs (SKILL.md "支持公网 URL 或 base64 格式" and the CLI --reference-image flag) and scripts/generate.ts includes those URLs in the subject_reference payload and also downloads arbitrary image URLs returned by the API, meaning untrusted third-party content is fetched and can directly influence generation behavior.