sora-watermark-remover

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's invocation is an external-link (references/skill.json "externalLink": "https://www.removesorawatermark.online/" and scripts/run.py message "Open this external-link target to continue"), so it directs the agent/user to a public third‑party website whose content the agent is expected to consult and that could influence subsequent actions or tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly uses an external-link invocation at runtime and directs the runner/user to https://www.removesorawatermark.online/, so execution/continuation of the skill depends on that remote site which can supply instructions or remote behavior that controls the agent flow.