dlna

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill actively fetches and parses UPnP device descriptions from SSDP "LOCATION" URLs during discovery (see src/dlna/player.py and src/dlna/discover.py where async_create_device(location) is called) and accepts arbitrary media URLs for playback from the CLI (src/dlna/cli.py → play), so untrusted third‑party content from network devices or arbitrary URLs is read and used to drive decisions and actions.