line-voice-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill exposes the agent to arbitrary open-web content via the built-in web_search tool (with a DuckDuckGo fallback) and to untrusted, caller-supplied prompts/configuration via CallRequest (e.g., call_request.agent.system_prompt/introduction sent in the Calls API start event), both of which the agent ingests and uses at runtime.