vid-sizzle-reel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow accepts and embeds external assets (e.g., brand_assets: "Logo URL/path" and the music parameter) and explicitly instructs beat analysis and inclusion of audio via commands like npx hyperframes tts --analyze-beats [music-file] and the HTML audio src="[music_path]", which means the agent will fetch and interpret arbitrary user-supplied or web-hosted media that can materially change timing and tool actions (cut/beat-sync), exposing it to untrusted third-party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill loads and executes remote code at runtime—for example the composition script includes a runtime script tag that fetches GSAP from https://cdn.jsdelivr.net/npm/gsap@3.14.2/dist/gsap.min.js (executed in headless Chromium), and the install/run instructions use npx to fetch and execute the HyperFrames package (npx skills add heygen-com/hyperframes), so these external fetches are required dependencies that execute remote code.