remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes explicit runtime fetching of arbitrary external URLs (e.g., rules/calculate-metadata.md shows await fetch(props.dataUrl) and using the returned JSON to set composition props), so untrusted third-party content is ingested and can directly change metadata and runtime behavior.