remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes multiple runtime fetches of arbitrary remote resources (e.g., rules/assets.md allows remote URLs for //, rules/lottie.md fetches a Lottie JSON from assets4.lottiefiles.com, and rules/calculate-metadata.md shows fetch(props.dataUrl)), which means the agent will ingest untrusted, third‑party content (arbitrary URLs/user-provided props) as part of its workflow and could be subject to indirect prompt injection.