deapi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and ingests arbitrary public/user-generated content (e.g., commands/transcribe.md fetches and transcribes YouTube/X videos; commands/ocr.md, transform-image.md, remove-bg.md, upscale.md download image URLs) and then reads/acts on that content (transcription/OCR/results/follow-up actions), so untrusted third‑party content can directly influence agent decisions and next actions.