integrate-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (see "With Reference Images" and the Integration Pattern examples in SKILL.md) accepts arbitrary referenceImages URIs from request bodies and passes them to client.textToImage.create, which causes external, untrusted image URLs to be fetched and used to influence generation.