frame-extraction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs fetching/downloading TikTok videos ("For TikTok benchmark work" and "If the user gives TikTok URLs but local video files are missing, first recover or download the local videos before extracting frames"), meaning the agent will ingest public/user-generated third-party content and act on it (frame selection and extraction), which could enable indirect prompt-injection.