image-assistant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary user-provided / public content (stages/01-brief requires the user to "paste the original content" which is then turned into Copy Spec and "must be pasted" into prompts in stages/03-04), and the prompt-pack/JSONL (templates/apimart-requests-jsonl.md and scripts/apimart_batch_generate.py) sends that text verbatim to an image-generation API (and also accepts external pad_url/response URLs), so untrusted third-party text/URLs can be read and incorporated into runtime prompts.