ai-model-cascade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts arbitrary, untrusted user-provided transcripts (e.g., the "transcript" parameter and the API route app/api/generate-topics/route.ts which reads request.json() and injects transcript into prompts) and feeds that content directly into LLM prompts, exposing the agent to indirect prompt injection risks.