create-sound
Warn
Audited by Snyk on May 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's pipeline explicitly ingests and analyzes user-provided or externally hosted audio (SKILL.md: "Detecting audio" / pipeline-detect-input and the interpret-* rules). It also supports fetching sprites from arbitrary npm packages ("npm pack ") and JSON manifests, which the agent parses (src/analyze.py) to drive synthesis decisions. Untrusted third-party content is therefore read and can materially change emitted tool actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).