jacky-illustration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). Workflow step “Read Article” ingests the target article’s paragraph text (user-supplied file content) and then step “Generate Images” sends style_prompt + section_content / contents=[prompt] to the Gemini LLM; if that article text is authored by an outsider, it becomes free-form outsider-authored prose in the LLM context.