dart-frog

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md and patterns examples explicitly show route handlers reading and acting on arbitrary HTTP request bodies (context.request.json()) and a WebSocket route (routes/ws.dart) that parses and responds to client-sent messages, meaning untrusted user-generated content from external clients is ingested and can influence runtime behavior.