genmedia-ref
Warn
Audited by Snyk on Apr 24, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly states the CLI "walks the
resultpayload and downloads any object with aurl: stringstarting withhttp(s)://" and instructs agents to use--downloadto fetch those external media URLs, meaning the agent will fetch and consume arbitrary third-party HTTP(S) content from model outputs (untrusted/user-provided) as part of its workflow.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata