vercel-blob

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill lists and serves user-generated files from Vercel Blob (e.g., list(), public blob URLs returned by put(), and explicit fetch(url)/download examples in SKILL.md and templates like FileListManager and DragDropUpload), so the agent may ingest or display arbitrary, untrusted third‑party content hosted on the public blob CDN.