fal-tryon

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow (SKILL.md and scripts/tryon.sh) accepts arbitrary --person-url and --garment-url values (public URLs) and sends them to the fal.run model endpoint, meaning untrusted third‑party image content is ingested and can directly influence model outputs/decisions.