implementing-realtime-sync

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and relays external content — e.g., streaming LLM tokens from OpenAI/Anthropic via the SSE example (examples/llm-streaming-sse/backend.py) and user-generated collaborative/presence data over y-websocket/WebSocket providers (references/crdts.md and presence patterns) which the agent reads and renders as part of its workflow, exposing it to untrusted third-party content that could carry indirect prompt injections.