gpt-image-2-gen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts and ingests arbitrary, user-provided public URLs for reference images and callback endpoints (see SKILL.md Step 3, the script usage examples, and references/api-params.md which document the image_urls / --image parameter and callback_url), and the agent is expected to include and interpret those external images/results as part of generation/editing decisions—exposing it to untrusted third‑party content that could carry indirect prompt injections.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs agents to run remote installers that fetch and execute code (e.g., npx evolink-gpt-image@latest / https://www.npmjs.com/package/evolink-gpt-image and git clone https://github.com/EvoLinkAI/gpt-image-2-gen-skill.git), which performs remote code execution during installation, so this is a clear runtime external-code risk.