gen-ai-use

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and fetches arbitrary external URLs and stdin as prompts (see FLAGS.md --image/--video can be a URL, BATCH.md manifest supports image: <local-path|url>, and ADVANCED.md states "URL input" in the interactive picker and that piped stdin is read as the prompt), so untrusted third‑party content can be ingested and directly drive prompts or generation behavior.