remotion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime examples and workflow explicitly fetch and ingest open/public URLs (e.g., references/calculate-metadata.md shows fetch(props.dataUrl) and use of mediabunny UrlSource, references/lottie.md fetches Lottie JSON, and many media components accept remote URLs in references/assets.md, videos.md, images.md), so the agent would read untrusted third-party content that can change composition metadata or runtime behavior.