elevenlabs-stt

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly shows the agent ingesting arbitrary external audio/video URLs (e.g., "infsh app run elevenlabs/stt --input '{"audio": "https://meeting-recording.mp3\"}'" and the Video Subtitles workflow using "https://video.mp4"), so untrusted third-party audio is fetched and transcribed and those transcripts can drive downstream actions, enabling indirect prompt injection.