evolink-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts and uploads arbitrary public URLs as reference files (see "Direct File Hosting" in SKILL.md, the curl upload-from-URL examples in references/api-params.md, and the scripts/evolink-video-gen.sh --image handling), so untrusted third‑party content is ingested and used as generation input that can materially affect subsequent tool actions and outputs.