Spotify Automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill calls Spotify's public APIs (e.g., SPOTIFY_GET_PLAYLIST, SPOTIFY_GET_PLAYLIST_ITEMS, SPOTIFY_SEARCH_FOR_ITEM, SPOTIFY_GET_USER_S_PLAYLISTS) and therefore ingests public, user-generated Spotify content (playlists, descriptions, track/artist metadata) from third-party servers which the agent will read and interpret, allowing potential indirect prompt injection.