videodb

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and processes arbitrary public content (URLs, YouTube links, RTSP/RTMP streams, and desktop capture) — see SKILL.md "Common inputs" and upload/connect_rtstream and the capture/indexing workflows (reference/rtstream-reference.md and capture.md) — and the agent is expected to read visual_index/transcript/index_scenes outputs and run searches/alerts/timeline actions based on that content, so untrusted third-party content could indirectly inject instructions that change agent behavior.