flyworks-avatar-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and uses untrusted public content as part of its runtime workflow — e.g., scripts/hifly_client.py calls list_public_avatars and list_public_voices against the Flyworks API and accepts arbitrary http(s) image/audio URLs for create_talking_photo and clone_voice — so third-party names/media returned or supplied can be read/interpreted and influence subsequent tool actions.