audio-transcriber

Warn

Audited by Snyk on Apr 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and downloads audio from arbitrary URLs (SKILL.md, "Step 1: Accept file path or URL", e.g., "https://example.com/audio.mp3"). It then transcribes that untrusted, user-supplied content and feeds the transcript into LLM processing (SKILL.md Step 3 and process_with_llm in scripts/transcribe.py), so third‑party content can directly influence the generated summaries, decisions, and action items.

Issues (1)

  • MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 30, 2026, 04:41 PM
Issues: 1