Our WordPress site is protected by Sucuri, and we’re constantly being blocked by Sucuri when we save a new post. Sucuri is triggered by the form upload field having a value set to a suspicious file reference:
This code is generated in osm-metabox.php (or osm-metabox_v4.php). It looks like a mistake to set value for the first field and placeholder for the other fields. Setting placeholder for all fields would be more logical.