remotion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly downloads and ingests user/project-provided assets from Stitch (e.g., screenshot.downloadUrl and htmlCode.downloadUrl using web_fetch/curl and scripts/download-stitch-asset.sh) and parses the HTML to generate annotations, so it consumes untrusted, third-party user-generated content as part of its workflow.