brand-visuals-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 2 explicitly instructs the agent to "analyze" a provided URL or uploaded images ("If you have a URL or uploaded images — analyze them first"), which means the agent will fetch/ingest arbitrary third‑party web content or user-provided pages and use that analysis to build the Visual DNA and prompts, enabling indirect prompt injection from untrusted public sources.