azure-communication-callautomation-java

Warn

Audited by Snyk on Mar 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill ingests and acts on untrusted third-party content: it parses webhook payloads via CallAutomationEventParser.parseEvents(requestBody), processes caller-provided speech/DTMF results (RecognizeCompleted), and loads/plays/downloads audio from arbitrary URLs (FileSource.setUrl, recordingUrl), all of which can materially influence call-handling logic.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 12:35 AM