image-well

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill performs live searches against public, user-contributed image APIs (e.g., Openverse, Wikimedia, Europeana, NASA, etc. as implemented in scripts/sources/*.py and invoked by scripts/well.py per SKILL.md/README) and consumes returned JSON fields (titles, urls, source_url, thumbnails) at runtime to decide what to display, preview (format_html) and download, so untrusted third-party content can materially influence the agent's actions.