acestep-lyrics-transcription

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill transcribes user-supplied audio via third-party APIs (OpenAI/ElevenLabs) and the SKILL.md "Post-Transcription Lyrics Correction" workflow explicitly requires the agent to read and correct the generated LRC/JSON output (i.e., ingest and act on untrusted, user-generated transcription content), so malicious spoken instructions in that content could influence the agent's subsequent edits or tool use.