marketing-video
Warn
Audited by Snyk on Apr 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill's mandatory "Step 2.5: Live Research" requires the agent to pull current TVL/volume/user counts via web search and public data sources (e.g. DefiLlama, CoinGecko, explorer.solana.com) and states that "every number that appears as text in the video must come from this research pass," meaning the agent ingests and acts on untrusted public third-party content as part of its decision-making and creative workflow.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). This skill requires running "npx skills add remotion-dev/skills" which fetches and installs the remote GitHub repo https://github.com/remotion-dev/skills at runtime, adding 38 rule modules that directly modify/extend agent behavior (i.e., controlling prompts/instructions), so it is a high-confidence runtime external dependency.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).