flyworks-avatar-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and ingests untrusted external content (images/audio and public avatar/voice listings) from arbitrary URLs and the Flyworks public API — see scripts/hifly_client.py (handle_media_input, create_talking_photo, clone_voice, list_avatars/list_voices) and references/avatars.md and references/voices.md — so the agent will read/interpret third‑party user-provided content as part of its workflow.