nby-jimeng-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and fetches arbitrary public URLs as inputs (see "Image-to-Image" images array and Seedance JSON mode "file_paths" in SKILL.md / references/seedance.md, e.g., "https://example.com/image.jpg"), so untrusted third‑party content would be ingested and could influence generation behavior—enabling indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill contains runtime commands that fetch and execute external code—specifically docker run pulling the image "wwwzhouhui569/jimeng-free-api-all:latest" and an explicit git clone of https://github.com/wwwzhouhui/jimeng-free-api-all.git followed by pip/playwright/python commands—so the fetched content would execute remote code.