muapi-chibi-collage-effect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests an arbitrary user-supplied image URL ("Reference Image: {{person_image}}") and its Phase A prompt requires the agent to "Analyze the uploaded image carefully" to determine scene, poses, and captions, meaning untrusted third-party content is read and directly drives generation decisions (SKILL.md Steps, Phase A).