livekit-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs use of the lk docs CLI to fetch live documentation in SKILL.md and exposes provider tools such as WebSearch and URLContext in references/agent-tools.md that ingest arbitrary public web pages and search results which the agent is expected to read and use to make decisions, creating a clear path for untrusted third-party content to indirectly inject instructions.