videoagent-director

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and uses arbitrary user-supplied/public image URLs (see tools/director.js --image-url handling and the SKILL.md / README examples for "Animate an existing image" / "For shots where the user provided an image"), so untrusted third‑party content is ingested as part of the shot-generation workflow and can materially influence generation behavior.