media-hub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill downloads arbitrary files from external URLs (video_understanding.py: download_from_url / process_video with file_url) and then transcribes and analyzes the resulting audio/text (transcribe/analyze_content), so untrusted, user-provided third‑party content is ingested and directly interpreted as part of the workflow—allowing that content to influence outputs and downstream decisions.