firebase-ai-logic

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's analyzeImage function loads an external image via imageUrl (via fetchImageAsBase64) and passes that untrusted, potentially user-provided web content to the generative model, exposing the agent to indirect prompt injection from arbitrary public URLs.