libvlc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs creating and parsing network media from arbitrary public URLs (e.g., libvlc_media_new_location("https://..."), libvlc_media_parse_request(..., libvlc_media_parse_network), the YouTube/m3u8 "resolve and play subitems" guidance, and media_discoverer/UPnP browsing), so the agent will fetch and interpret untrusted third‑party user-generated/public content which can influence playback, selection, and follow-up actions.