transcribe

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts a path or URL to an audio/video file (SKILL.md "Provides a path or URL to an audio/video file") and will fetch and transcribe that external, untrusted media (and also auto-downloads models from Hugging Face), meaning arbitrary third‑party spoken content can be ingested and influence subsequent agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill clearly auto-downloads and installs runtime Python packages (e.g., faster-whisper / mlx-whisper / huggingface-hub) and fetches model files from the Hugging Face hub (e.g. https://huggingface.co/mlx-community/whisper-large-v3-turbo), so it fetches and executes remote code/dependencies required for operation.