assemblyai-transcribe

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill accepts arbitrary public audio/video URLs (see SKILL.md "node ... transcribe "https://example.com/audio.mp3\"") and assemblyai.mjs treats such HTTP URLs via isHttpUrl(...) then returns and prints the resulting transcript text, meaning untrusted third-party content (audio and its transcript) is fetched and presented for the agent to read and act on.