ai-short-drama

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires an automatic "Phase 0: 市场情报扫描" with WebFetch/WebSearch of public sites (e.g., "WebFetch 1-2 部爆款的剧情解说" / sources: woshipm, 36氪, 腾讯新闻) and then incorporates those findings into the IP brief and prompt/visual-fingerprint material that are programmatically appended into subsequent prompts and tool calls, so untrusted third‑party pages are fetched, read, and can materially influence generated prompts or actions (i.e., enabling indirect prompt injection).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs installing and running remote code via "curl -fsSL https://jimeng.jianying.com/cli | bash" (and references a setup script that invokes it); that URL is fetched/Executed during setup and the resulting dreamina CLI is a required runtime dependency used to submit prompts and generate images/videos, so it directly enables remote-executed code and prompt-controlled operations.