seedance-submitter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests arbitrary third‑party media URLs (e.g., the download_videos_from_manifest_with_ytdlp.mjs script and the Seedance workflow that uses referenceImages/referenceVideos in references/current-rules.md and hosted-video-generative.md), and those externally-hosted, user-supplied assets are incorporated into promptPlan/request JSONs and provider calls that materially influence submission, generation, and follow-up actions.