seedance-storyboard

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 6 "处理素材 URL" and the multi-modal reference rules (e.g., "用户提供的网络图片：直接使用" and the @图片/@视频 media_files mapping) explicitly require the agent to accept and include arbitrary user-provided/public media URLs as inputs, meaning untrusted third‑party content is ingested and can directly influence prompt generation and task submissions.