fal-kling-o3

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow (scripts/kling-video.sh and SKILL.md) accepts arbitrary --image-url and --video-url values and passes them to external Kling O3 endpoints (e.g., fal-ai/kling-video/... with image_url/video_url in the payload), so untrusted public media can be ingested by the model and potentially influence model behavior via embedded content.