2slides

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and processes arbitrary public reference image URLs (see SKILL.md Section 2 "Reference Image Generation", scripts/generate_slides.py's create_like_this using --reference-image, and the MCP tool slides_create_like_this in references/mcp-integration.md), causing the agent to fetch and use untrusted third‑party content to drive slide generation and thus potentially enabling indirect prompt injection.