view-imgur

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to curl i.imgur.com URLs and then read the downloaded /tmp/image.png with the Read tool, which causes the agent to ingest arbitrary public/imgur user-generated content that could embed or convey instructions and influence subsequent actions.