wan-cover-plus

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary http/https reference_images and reference_videos (references/input-schema.md, scripts/validator.py) and passes those URLs or encoded media into the Wan APIs and into generated prompts (scripts/wan_client.py and scripts/prompt_builder.py), so untrusted third‑party content can be ingested and materially influence model behavior and downstream actions.