orshot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill accepts and renders arbitrary public URLs (e.g., the utility/template endpoints like POST /v1/generate/images with modifications.websiteUrl, modification fields such as imageUrl and bgVideo, and dynamic URLs) causing the agent to ingest untrusted third‑party web content for rendering, which can enable indirect prompt injection.