openrouter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). SKILL.md explicitly includes Vision examples (analyzeImage and compareImages) that accept arbitrary image URLs and pass those third‑party resources to the model for analysis, so untrusted external content would be ingested and could influence model outputs and subsequent tool actions.