assemblyai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly exposes actions that fetch and return transcripts and transcript components from AssemblyAI (e.g., "Create Transcript", "Get Transcript", "Get Paragraphs", "Get Sentences", "Search Words in Transcript"), which ingest arbitrary user-provided audio/URLs and return untrusted, user-generated text that the agent is expected to read and could materially influence subsequent decisions.