transcript-cleanup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill reads and processes .txt transcript files from the project’s output/ directory at runtime (Step 1–2), and those files are not guaranteed to be authored by the operating user, so their === TRANSCRIPTION === free text can be outsider-provided and is ingested into the agent/LLM context for cleaning.