sip-media-negotiation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill parses and processes SDP from incoming SIP messages provided by remote callers (see acceptCall which extracts SDP from an INVITE and processAnswer which parses SDP from a 200 OK), so it clearly ingests untrusted, user-provided third-party content as part of its workflow.