pixverse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflows and command flags explicitly accept arbitrary public URLs as inputs (e.g., --image , --images <paths...> and examples like "I2V from URL" and "Use URL → --image 'https://example.com/photo.jpg'"), which are untrusted third‑party sources that the agent/ backend will ingest and use to influence generation results, so it clearly exposes the agent to potential indirect prompt injection.