linkfox-multimodal-recognize-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts arbitrary public image URLs and "downloads the image" for multimodal analysis (see SKILL.md "provide a publicly accessible image URL" and scripts/multimodal_recognize_image.py which calls the tool gateway), so untrusted third‑party visual content could be interpreted and influence the agent's outputs or actions.