seedance
Warn
Audited by Snyk on Mar 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and forwards arbitrary network image URLs from the open web (see SKILL.md "支持本地图片和网络URL" ("Supports local images and network URLs") and the examples). The runtime (scripts/generate_video.js -> processImagePath) ingests http/https image URLs and includes them in the generation payload, so untrusted third-party content will be interpreted by the model and can materially influence generation behavior.