llm-router

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts arbitrary public image URLs (see scripts/llm_router_client.py vision command / the Vision/Image Analysis examples in SKILL.md) and sends those third‑party images to the LLM pipeline for analysis, meaning untrusted external content is ingested and interpreted as part of its workflow.