real-time-features

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill accepts and parses arbitrary user-generated data from public clients—for example in the WebSocket server's ws.on('message') handler (server.ts), the SSE /events endpoint and eventSource.onmessage, and the Socket.IO 'message' handlers—so it ingests untrusted third‑party content as part of its workflow.