visual-prompt-engine

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public, user-generated Dribbble content (see scripts/scrape_dribbble.py, data/references.json, and SKILL.md's "Browse https://dribbble.com/shots/popular"), and then instructs the agent to analyze those style cards (references/style-card-schema.md and scripts/style_card.py's ANALYSIS_PROMPT) and use the extracted fields to generate prompts, so untrusted third-party content can directly influence agent decisions and subsequent actions.