video-format-conversion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md examples explicitly accept external video URLs via the "image_urls" field (e.g., "https://example.com/source-video.mov") and the SSE-EVENTS.md documents web_search_query/web_search_citations events, indicating the agent fetches and consumes arbitrary public web content and search results as part of its workflow, which could allow untrusted third-party content to influence actions.