editframe-brand-video-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md Step 0 explicitly requires the agent to fetch and scrape a supplied brand URL (live web page) to extract CSS hex codes and download brand assets before any other action, meaning the agent will ingest and act on arbitrary public website content that could contain untrusted/user-generated instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Step 0 explicitly requires fetching the user-supplied brand URL at runtime ("If a URL is supplied: immediately fetch it ... Extract exact hex codes ... Download or note 3–5 brand assets. Do not proceed until you have done this"), so an arbitrary external URL provided by the user is fetched during runtime and its content directly controls the agent's prompts/behavior and is a required dependency — e.g., the "user‑supplied brand URL" (the target website) is flagged.