dream-to-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly automates and browses the public 即梦 web platform via Playwright (login, submit prompts, monitor progress, and download generated videos) and also clones a public GitHub repo, meaning the agent fetches and interprets runtime content from untrusted third-party web pages which can influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's setup explicitly runs a git clone of https://github.com/mediastormDev/dream-to-video-skill.git during first-use and then executes scripts from that repository (python main.py login/add/worker), so remote code fetched from that URL is executed and controls prompt handling.