qwencloud-image-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and resolves arbitrary public image URLs as reference_images (see SKILL.md examples and references/execution-guide.md) and the runtime code (scripts/image.py and scripts/image_lib.py → build_payload/_resolve_file_url) uploads and passes those third‑party images into the generation models, meaning untrusted external content is ingested and can materially influence model outputs and downstream tool chaining.