api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's documentation (SKILL.md and references/listen.md) requires providing a 'url' in POST /v1/listen (and supports WebSocket /v1//v2 listen with callback URLs), so the API fetches and ingests arbitrary public audio/URLs which the agent transcribes and returns (e.g., /v1/agent/converse produces ConversationText and FunctionCallRequest), allowing untrusted third‑party content to be interpreted and to materially influence subsequent actions.