fal-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflows and input schema explicitly accept and ingest arbitrary public image/video URLs (see "schema.input.image_urls" and nodes like "vision-prompt-dest2" in references/EXAMPLES.md and the Game Assets/WORKFLOWS.md examples) and feed their analyzed output (e.g., vision LLM outputs) into subsequent model nodes, so untrusted third-party content can materially influence prompts and tool actions.