kling-studio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and API reference (SKILL.md and references/api_reference.md) explicitly require accepting user-provided/open-web media URLs (image_list.image_url and video_list.video_url) and mandate embedding those untrusted assets into prompts via the <<<image_#>>>/<<<video_#>>> template syntax, meaning arbitrary third‑party media can be ingested and materially influence generation/editing decisions.