glmv-caption

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary image/video/file URLs (see SKILL.md examples like "https://example.com/photo.jpg" and scripts/glmv_caption.py functions process_image/build_content/caption which add "image_url"/"video_url"/"file_url" entries and send them to the GLM-V API), so untrusted public third‑party content is ingested and its interpreted output (captions/analysis) can influence subsequent agent decisions.