visual-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required usage explicitly accepts a URL or screenshot in SKILL.md ("/visual-audit "), so the agent will ingest and interpret arbitrary third-party webpages/images from the open web as part of its workflow, which could carry untrusted/user-generated content able to influence decisions.