building-streamlit-chat-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts arbitrary user-provided files and audio via st.chat_input (accept_file / prompt.files and accept_audio / prompt.audio) and sends them to analyze_image or openai.audio.transcriptions.create for the assistant to read/interpret, exposing the agent to untrusted user-generated content that could carry indirect prompt injections.