glmv-caption

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary image/video/file URLs (see "Supported Input Types" in SKILL.md and the scripts/glmv_caption.py functions process_image/build_content which include http(s) URLs and send them to the GLM API), so untrusted user-provided web content is ingested and interpreted by the model as part of its workflow, which could allow indirect prompt injection via those remote resources.