remotion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and ingests arbitrary remote content (e.g., fetch(props.dataUrl) in references/calculate-metadata.md, fetching Lottie JSON in references/lottie.md, and remote URLs supported for // in references/assets.md), so the agent will read and interpret untrusted third-party data from public URLs as part of its workflow.