aliyun-wan-videoedit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary public media URLs (see the "media" field description in SKILL.md / normalized interface stating "url: public URL (HTTP/HTTPS) or OSS temporary URL" and the scripts/edit_video.py --video / --ref-image arguments) and sends those user-provided videos/images to the wan2.7-videoedit model (with prompt_extend enabled), so untrusted third-party media could be interpreted by the model and materially influence editing behavior (indirect prompt injection).