spectacles-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly sends ASR transcripts and camera frames to external LLM/vision endpoints via the Remote Service Gateway (e.g., request.endpoint = 'my-llm' and cloud vision endpoints in SKILL.md and the "Agentic Loop" section) and then parses LLM responses (including tool_call actions) to drive in-lens actions, meaning untrusted third-party model outputs can directly influence tool use and behavior.