byted-bytehouse-multimodal-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill accepts arbitrary external URLs and user content (e.g., scripts/embedding.py: encode_image/encode_video build {"image_url"/"video_url": {"url": ...}} and call Ark multimodal_embeddings.create, and scripts/search_client.py inserts and later queries user-provided content/URLs into ByteHouse), so untrusted third‑party media/text can be ingested and its embeddings/search results can materially influence subsequent searches and actions.