blip-2-vision-language

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts and processes arbitrary user-provided images and text (e.g., Gradio image upload and textbox, FastAPI /caption and /batch_caption endpoints) and even includes URL fetching (load_image_from_url in troubleshooting), so the agent will read/interpret untrusted third-party content as part of its captioning/VQA workflows.