ai-voice-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs ingesting user-supplied audio for voice cloning (e.g., "Upload audio" in the ElevenLabs Instant Clone flow and reference_audio="reference.wav" in the Qwen3-TTS examples), so it consumes untrusted user-generated content that the agent would process as part of its workflow.