google-image-api-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and scripts/google_image_api.py explicitly call the BrowserAct workflow to scrape Google Images and return titles, links, thumbnails and source text from public websites (Google Images / third-party source pages), so the agent will ingest untrusted, user-generated/open web content as part of its workflow.