glmv-grounding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and fetches user-provided public http/https image or video URLs (see SKILL.md usage examples and scripts/glm_grounding_cli.py -> load_media_bytes/is_public_url) and sends that untrusted third‑party media to the GLM‑V model for grounding; those external contents are parsed/interpreted as part of the workflow and the model's outputs (parsed by utils*) directly drive visualization and downstream actions, so untrusted content can materially influence behavior.