doubao-multimodal
Warn
Audited by Snyk on May 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The CLI explicitly downloads arbitrary remote media URLs (downloadRemote in scripts/lib/source.ts, used in scripts/main.ts via --url) and sends the fetched audio/video into the model payload (built in scripts/lib/ark.ts). As a result, untrusted third-party audio/video content is interpreted by the model and can influence outputs used for downstream decisions (e.g., keyframe timestamps, diarization, understand task responses), which enables indirect prompt injection via spoken or visual content.
Issues (1)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata