jianying-video-gen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Playwright scripts (scripts/jianying_worker.py and scripts/poll_and_download.py) explicitly navigate to and scrape pages on the public site https://xyq.jianying.com, evaluate page content and network responses to extract thread_id and MP4 URLs, read innerText/DOM to decide which UI elements to click and which model/mode to select, and thus ingest and act on untrusted third‑party (user/website) content that can materially influence subsequent clicks, submissions, and downloads.