media-hub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and downloads media from arbitrary URLs (see video_understanding.py: download_from_url and process_video which take file_url) and SKILL.md Step 1 ("URL to downloadable media"), then transcribes and analyzes that content—meaning untrusted, third‑party content is ingested and directly used to drive analysis and outputs, enabling indirect prompt injection.