faion-multimodal-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly ingests and processes arbitrary external URLs and user-provided media (e.g., analyze_image_url and VisionService.analyze with ImageSource.URL, multiple methods that accept image_url or download response.data[0].url via requests/httpx, LumaVideoGenerator.generate_from_image and Runway/Replicate video/image endpoints), meaning untrusted public web/user-generated content is fetched and fed into LLM vision/transcription workflows.