unsplash-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The extension explicitly operates on public Unsplash pages and "detects images on the current page" and preserves user-generated metadata (see "How It Will Work" and "Security & Scope" in SKILL.md), so it ingests untrusted, user-generated third-party content from Unsplash as part of its runtime workflow which can influence which downloads/actions are taken.