founder-product-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill ingests public web content via the required Product URL: step [1] analyze_brief calls analyze_brief(sources=[{type:"url", url:<product_url>}]), which at runtime fetches and reads outsider-authored webpage text into the LLM context for briefing (indirect prompt-injection risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill fetches the user-supplied product URL at runtime (e.g., the required "Product URL" such as https://scrapegraphai.com) to derive the brief that directly shapes the script and the SeeDance prompts, so remote content controls agent instructions.

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

• Hidden Unicode characters detected (1 type(s) found)