freepik

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and posts arbitrary external URLs (e.g., "image": "https://example.com/photo.jpg", "audio": "https://example.com/song.mp3", image_urls in video and edit examples) to the Freepik API (see SKILL.md's generate/video/edit/audio/utility sections including image-to-prompt and improve-prompt), so untrusted third-party content is ingested and can be reverse-engineered or used to form prompts that materially influence subsequent actions—creating a clear vector for indirect prompt injection.