remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes explicit runtime instructions to fetch and ingest external, arbitrary URLs (e.g., calculate-metadata.md shows calculateMetadata calling fetch(props.dataUrl) / https://api.example.com/... and voiceover.md instructs calling the ElevenLabs API), and that fetched JSON/audio is parsed and used to set composition props and durationInFrames — meaning untrusted third‑party content is read and can materially change tool behavior.