audio-extract

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's inputs explicitly allow an input video "path or URL" ("--in" option) and the SKILL.md "Use Case: Video Transcription Workflow" shows extracting audio and then transcribing it, meaning the agent fetches and processes arbitrary public media (untrusted/user-generated content) that could contain instructions influencing subsequent actions.