videodb

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and processes untrusted public content — e.g., SKILL.md and reference files show uploading arbitrary URLs/YouTube links (coll.upload(url=...)), connecting RTSP/RTMP streams (coll.connect_rtstream(...)), and reading WebSocket events like visual_index/transcript that the agent is expected to parse and act on (capture.md / capture-reference.md / rtstream-reference.md), allowing third‑party content to influence indexing, alerts, and subsequent actions.