face-transform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly requires external image URLs (e.g., the Common Parameters "image_url" and the /face/swap "source_image_url" and "target_image_url" fields) so the agent will fetch and analyze arbitrary third-party images from the open web, which can materially influence processing and downstream actions.