use-x-chat

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill’s examples and required workflow show useXChat calling external providers via XRequest (e.g., BASE_URL = https://api.openai.com/v1/chat/completions in EXAMPLES.md) and support async defaultMessages that “Load history from server based on conversationKey” (SKILL.md and reference/CORE.md), which means it ingests untrusted third‑party responses that can materially influence subsequent requests and UI behavior.