talking-head-production

Warn

Audited by Snyk on May 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md workflows clearly instruct passing arbitrary public URLs for images, audio, and videos (e.g., "image":"https://portrait.jpg", "audio":"https://speech.mp3", "video_url":"https://original-video.mp4" and the "Dub Existing Video" flow that transcribes external video with infsh/fast-whisper-large-v3 and then uses an LLM to translate/act on that transcript), which means untrusted third‑party content will be fetched and interpreted as part of the agent's workflow and could influence subsequent actions.

Issues (1)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: May 13, 2026, 06:22 AM
  • Issues: 1