fal-generate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary public URLs as input (see SKILL.md "Option 3: Use existing URL — Any public URL works" and scripts/generate.sh which consumes --image-url), causing the agent to ingest untrusted third-party content that will be interpreted by the generation workflow and could influence subsequent outputs/actions.