fal-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly ingests untrusted third-party content via user-supplied external URLs (e.g., image_url, mask_url, control_image_url, base_image_url, swap_image_url) for image/video editing and generation, causing the agent to read and process arbitrary public content that could enable indirect prompt injection.