elevenlabs-voice-isolator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly accepts arbitrary public audio URLs (e.g., the Quick Start and examples like --input '{"audio": "https://noisy-recording.mp3"}') and its documented workflow shows the cleaned audio is then transcribed (Clean → Transcribe), meaning the agent fetches and interprets untrusted, user-generated third‑party content which could materially influence downstream actions.