api-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes runtime ingestion of untrusted, user-generated content from external endpoints—specifically socket.io chat messages in useChat, Server-Sent Events via useSSE, and generic fetch/Apollo/trpc calls to arbitrary NEXT_PUBLIC_API_URL / NEXT_PUBLIC_GRAPHQL_URL endpoints—so the agent would read/interpret third-party content that could carry indirect prompt injections.