chanjing-video-compose

Warn

Audited by Snyk on Mar 31, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). This skill fetches and consumes public third-party content: for example, list_figures calls GET /open/v1/list_common_dp and POST /open/v1/list_customised_person and uses the returned person.id, audio_man_id and preview_url; poll_task returns video_url; and upload/file_detail returns file metadata. These untrusted API responses are read and used to choose figures and parameters that directly affect subsequent tool actions (create_task, download_result), allowing malicious or constructed content to influence behavior.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 31, 2026, 02:28 AM
Issues: 1