multimodal-llm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and consume publicly accessible HTTPS image URLs (see rules/video-multi-shot.md and rules/video-generation-patterns.md which require "reference images must be publicly accessible HTTPS URLs" and use imageTail/endFrameUrl), so arbitrary third‑party content can be ingested and materially influence generation and tooling decisions.