alicloud-ai-video-emo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly requires "Input files must be public HTTP/HTTPS URLs" (SKILL.md) and its workflow sends arbitrary public image and audio URLs to the detection and generation APIs (scripts/prepare_emo_request.py and SKILL.md), so untrusted user-provided media are fetched and interpreted to produce detection outputs (face_bbox/ext_bbox) that directly control subsequent model calls and therefore could enable indirect prompt injection via manipulated media content.