voice-ai-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's mandatory workflow (SKILL.md Steps 0 and 3) and provided scripts explicitly fetch public documentation and sample repos (e.g., downloading references/docs.txt from https://doc.shengwang.cn/llms.txt via skills/voice-ai-integration/scripts/fetch-docs.sh and fetching docs from doc-mcp.shengwang.cn with scripts/fetch-doc-content.sh, plus cloning sample repos from public GitHub/Gitee) and then requires reading/using that content to drive implementation, so external third‑party content can materially influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires configuring runtime LLM and MCP endpoints (e.g., LLM examples like https://api.openai.com/v1/chat/completions and https://api.minimax.chat/v2/text/chatcompletion_v2, and the MCP endpoint https://registry.run.mcp.com.ai/mcp) which the ConvoAI agent will call at runtime to produce responses and invoke external tools, so these external URLs directly control agent prompts/behavior and are required dependencies.