openlicense-images

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill fetches outsider-authored free text at runtime by downloading the image bytes from a public GitHub repository (curl .../images/$image_name) and then extracting the embedded License: string via strings ... | grep -o "License:.*" ..., which is then read into the agent context when the license terms are printed (... | xargs less ... | cat).