chromecast

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md) explicitly lets the agent fetch and cast arbitrary public URLs and websites (e.g., "catt cast ", "catt cast_site 'https://...'", and use of yt-dlp for YouTube/playlists), meaning untrusted, user-generated web content and playlists are ingested and used to drive playback/queue decisions rather than only being displayed.