audio-transcriber

Warn

Audited by Snyk on Mar 7, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly accepts and downloads audio from arbitrary URLs (SKILL.md Step 1: "Accept file path or URL (https://example.com/audio.mp3)"). It then transcribes that untrusted audio and feeds the resulting transcript into local LLM CLIs (scripts/transcribe.py -> process_with_llm / handle_prompt_workflow). Content hosted by third parties or users can therefore be interpreted and used to generate prompts, summaries, and action items that materially influence outputs and subsequent behavior.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 7, 2026, 03:53 AM