ai-avatar-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the CLI to ingest arbitrary external media URLs (e.g., image_url/audio_url/video_url like "https://portrait.jpg" and "https://video.mp4") and runs apps that transcribe/interpret that content (fast-whisper, TTS, latentsync), so untrusted third-party content is fetched and directly used in the workflow.