ai-multimodal

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary public third-party content — e.g., YouTube URL processing in references/video-analysis.md and public image URL support in references/vision-understanding.md (and corresponding types.Part.from_uri examples in gemini_batch_process.py) — and the agent is expected to read and analyze that content (transcribe, summarize, VQA), which could enable indirect prompt injection.