fal-upscale

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts arbitrary --image-url/--video-url values (see SKILL.md "User provides image URL" and scripts/upscale.sh parsing of --image-url) and fetches/sends that third-party content to the fal.run API and displays the returned image/JSON, exposing the agent to untrusted external content.