remotion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill contains multiple examples that fetch and consume arbitrary remote resources (e.g., calculateMetadata's fetch(props.dataUrl), the Lottie example fetch('https://assets4.lottiefiles.com/...'), and remote // and .srt fetching in assets.md and import-srt-captions.md), so it clearly ingests untrusted third-party/user-provided content that the agent is expected to read/interpret.