neta

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated community content from the Neta platform (e.g., commands like read_collection, request_interactive_feed, suggest_content, get_hashtag_info, get_hashtag_characters and docs such as references/collection-remix.md and community-exploration.md) and instructs the agent to read and use that returned lore/collection/launch_prompt data to drive creative tool calls, so untrusted third‑party content can materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls the external Neta API (default base URL https://api.talesofai.cn, and noted https://api.talesofai.com in .env.example) at runtime (via axios) to fetch prompt/tag metadata and TCP (character/element) data (e.g., /v1/prompt/full-prompt-tags and /v2/travel/parent-search) which are parsed and injected into generated raw prompts (directly controlling the agent's prompt payload), and these API calls are required for commands like make_image/make_video, so this is a runtime dependency that directly controls prompts.