ai-short-drama

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory Phase 1 Stage 0 "市场情报扫描" requires WebFetch/WebSearch of public third‑party sites (e.g., woshipm / 36氪 / 腾讯新闻 and other URLs) and instructs the agent to "真读 1-2 部爆款的业界拆解" whose findings directly shape IP selection, prompts, ref generation and downstream tool actions (see SKILL.md Phase 1 §0 and references/market-pulse.md), so it clearly ingests untrusted public web content that can influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires and invokes the dreamina CLI at runtime and includes an installation command that fetches and executes remote code (curl -fsSL https://jimeng.jianying.com/cli | bash), meaning https://jimeng.jianying.com/cli is a runtime external dependency that downloads/executes code used to control prompt-driven generation.