assemblyai-transcribe

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary HTTP/HTTPS audio URLs ("Transcribe from a URL" in SKILL.md) and scripts/transcribe.py passes those public URLs (audio_url) to AssemblyAI for transcription, meaning the agent will ingest and interpret untrusted, third-party audio content as part of its runtime workflow.