image-model-evaluation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls external HTTP APIs (e.g., https://api.xbyjs.top in references/api-usage.md and MCP model endpoints) and ingests their JSON/Markdown responses (extracting image URLs and prompt/content) and accepts arbitrary image URLs for image-editing, so it routinely consumes untrusted third-party content as part of its workflow.