creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests arbitrary public URLs (Step 1 detection and Step 5 content extraction via a curl POST to https://api.marswave.ai/openapi/v1/content/extract and also downloads audio/video via curl for local ASR), then reads and applies that untrusted content as material/style references (Step 3 and Step 5) which directly influence generation, prompts, and subsequent API calls—allowing indirect prompt injection from third-party pages.