reel

Warn

Audited by Snyk on Mar 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to fetch and ingest open/public third-party content at runtime: the calculateMetadata fetch example in core/compositions.md, the Lottie JSON fetched from lottiefiles in layer-1-api/advanced/lottie.md, and the remote .srt URLs allowed by layer-1-api/captions/import-srt.md. These are untrusted/user-provided sources that the agent is expected to parse; they can change composition props and duration, and thus materially influence subsequent tool behavior.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 3, 2026, 09:25 AM