movie-maker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and consumes arbitrary external URLs and user-provided reference assets (e.g., rules/providers/fal/api.md uses jq to extract IMG_URL/VID_URL then curl -L to fetch images/videos, rules/providers/fal/overview.md/voiceover examples accept external IMAGE_URLs, and the manifest/ intake allow referenceImages or pasted/attached refs), so the agent will read/interpret untrusted user/web-hosted content (images/audio/transcripts) during its workflow.