vertex-ai-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The CLI explicitly accepts and loads user-provided gs:// URIs (see scripts/vertex_ai_image.py: _load_image_part and the read/edit commands) and feeds those external GCS images into the Gemini model for reading/editing, so untrusted third‑party image content can be ingested and influence model outputs.