concept-to-video

Warn

Audited by Snyk on Apr 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). This skill's Agentic Mode (in SKILL.md) documents an asset-fetching stage (fetch_assets.py) and explicitly notes that the --adapter option iconfinder makes external API calls to pull third-party images/icons, which are then consumed by the coder/scene pipeline. Untrusted external content can therefore be ingested and influence scene generation.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt explicitly instructs installing system packages via apt-get and using pip with --break-system-packages, which modify system-level state and require elevated privileges, so it pushes the agent to change the machine state.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 21, 2026, 01:45 PM
Issues: 2