gpt-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). Yes — SKILL.md explicitly instructs agents to load and use the repo's reference files (e.g., references/gallery-*.md and references/craft.md), which contain curated user-generated/public-source prompts and social-media-sourced examples (X, Reddit, OpenAI Cookbook captures) that the agent must read and use to draft prompts and decide generation/edit behavior, so untrusted third-party content can materially influence actions.