scribe

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary user-provided media via uploaded files, file URLs, and S3 URIs (see SKILL.md core workflow and examples/fast-mode-node.md and examples/batch-webhook-pipeline.md), transcribes and persists those transcripts for post-processing, so untrusted third-party content can be read and materially influence downstream actions.