remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes multiple examples that fetch and ingest arbitrary remote content (e.g., calculate-metadata's fetch(props.dataUrl), import-srt-captions' support for fetch()ing remote .srt files, and the Lottie example fetching a public JSON asset), meaning the agent would read/interpret untrusted, user-supplied third-party data as part of its workflow.