kie-external-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires and ingests public, user-hosted URLs and user-supplied videos/images (see "Reference images: hosted URLs, not file uploads" in kie-external-api SKILL.md and the analyze-video / clone-ad SKILL.md steps that extract frames, transcribe, and adapt prompts from those reference videos/images), and that untrusted content is parsed and used to compose prompts and to decide generation steps—so third-party content can materially influence tool actions.