visual-style-ppt

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's workflow explicitly reads and extracts styles from external webpages and user-provided documents/links (see SKILL.md and references/workflow.md: "Style extraction from images, screenshots, decks, webpages" and "If creating from a document path, read the document... ensure Codex can read ... webpage content"), and those untrusted third‑party contents are then used to build Style Locks and Image2 prompts that directly drive generation and packaging actions, so they can materially influence tool behavior.