minimax-multimodal-toolkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts and sends public/untrusted image URLs as reference content (e.g., --ref-image in scripts/image/generate_image.sh and --first-frame / --subject-image in scripts/video/generate_video.sh, documented in SKILL.md) which are ingested by the generation pipeline and directly influence subsequent model actions/outputs, creating a clear vector for indirect prompt injection from third-party content.