remotion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and ingests user-provided Stitch assets (e.g., screenshot.downloadUrl and htmlCode.downloadUrl) using web_fetch/curl and parses the HTML to extract text for annotations, so it reads untrusted third-party/user-generated content from external URLs as part of its workflow.