sfd-model-provider

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to check public model listings (e.g., replicate.com/collections/video-generation and fal.ai/models) and to select models based on those third-party pages, which are untrusted/community-driven sources whose content the agent is expected to read and that can change its choice of provider/models and downstream actions.