assemblyai-reference-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests untrusted, user-generated content (transcripts derived from user-uploaded audio or arbitrary audio URLs) returned via the AssemblyAI webhook and then automatically runs LeMUR analyses on those transcripts (see src/api/webhooks/assemblyai.ts and the TranscriptionService batchTranscribe/submitForTranscription flow), so third-party content is read and can directly influence downstream analysis and stored results.