create-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly includes an uploadFromUrl flow that fetches arbitrary HTTPS URLs (references/assets.md) and the workflow uses uploaded external assets as inputs to the Video Agent (references/video-agent.md and references/prompt-optimizer.md), so untrusted third‑party content can be ingested and influence generation behavior.