alicloud-ai-video-wan-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts a reference_image as an HTTP(S) URL and passes it to the DashScope SDK (see SKILL.md "reference_image can be a URL" and scripts/generate_video.py's resolve_reference_image / payload["img_url"]), so the agent will fetch and ingest arbitrary third-party content that can directly influence generation results.