create-sound

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests untrusted third-party artifacts (e.g., "Sprite from an npm package" in SKILL.md / rules/interpret-extract-source.md where it runs npm pack <package-name> and extracts MP3/WAV + JSON manifests, and pipeline-detect-input accepts arbitrary paths the user references), and those artifacts (audio files and manifests) are parsed and analyzed by the interpret-* pipeline to drive generation/decisions, so third-party content can materially influence the agent's actions.