remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs the agent to fetch and ingest open web resources (e.g., calculate-metadata shows fetch(props.dataUrl) to load arbitrary JSON, lottie.md fetches a Lottie JSON from assets4.lottiefiles.com, and assets.md/docs show remote image/video URLs), and those fetched/public resources are parsed and used to set composition props/duration or drive rendering, so untrusted third-party content can materially influence tool behavior.