speech-engine

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests untrusted user-generated transcripts from ElevenLabs ("ElevenLabs transcribes speech and sends the full transcript to your server" and the on_transcript/onTranscript callbacks in SKILL.md and examples) and passes that content to LLM calls to determine responses, so third-party user content can materially influence agent behavior.