worldlabs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to accept reference images via file path or arbitrary URL and to call the World Labs API (https://api.worldlabs.ai/marble/v1) to fetch/generate/download assets and metadata (SPZ/GLB/pano, meta.json), so untrusted user-provided web images and API-returned content are ingested and used to drive generation/loader decisions and runtime behavior, enabling indirect prompt injection.