avkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly shows loading media from arbitrary URLs (e.g., VideoPlayer .task creating AVPlayer(url: "https://example.com/video.m3u8")) and describes reading subtitles from HLS manifests and using videoFrameAnalysis (text/visualSearch/machineReadableCode) and interstitial events that change playback behavior, so the skill ingests untrusted public media/subtitle/frame content that can materially influence actions.