remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the skill explicitly fetches and ingests remote, potentially untrusted content at runtime (e.g., rules/calculate-metadata.md and SKILL.md show calculateMetadata calling fetch(https://api.example.com/video/${props.videoId}) or fetching props.dataUrl; rules/lottie.md fetches Lottie JSON from assets4.lottiefiles.com; Mediabunny and Mapbox examples use UrlSource/external APIs), and those fetched payloads are used to set composition metadata or otherwise drive rendering/behavior, so third‑party content can materially influence agent actions.