fal-image-edit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts arbitrary user-provided image URLs (IMAGE_URL and optional MASK_URL via --image-url and --mask-url) and sends them in the payload to the external fal.ai API, meaning the model will ingest untrusted public images that could contain embedded instructions.