video-toolkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and scripts show it uploads and analyzes user audio with Google Gemini (scripts/analyze_audio_gemini.py), calls Shazam via shazamio (scripts/identify_music.py), and explicitly performs web searches (SKILL.md Step 5.5 uses mcp__perplexity_search_web / WebSearch to fetch public webpages for song-theme research), so the agent ingests untrusted third‑party web content that can influence subsequent prompts and decisions.