byted-mediakit

Warn

Audited by Snyk on Apr 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and ingests arbitrary public HTTP/HTTPS media and subtitle URLs as required inputs (see the "http/https 链接" ("http/https links") upload flow in SKILL.md and examples such as references/01-stitching.md). The ApiManage.video_batch_upload/_upload_media_auto paths submit and fetch external SourceUrl(s), and scripts such as get_video_audio_info perform HTTP fetches themselves. Untrusted third-party content is therefore read and used by the workflow, and it can influence downstream ASR/OCR/translation/drama_recap outputs and subsequent actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 10, 2026, 08:42 AM
Issues: 1