wterm-web-terminal

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and examples explicitly show connecting to arbitrary WebSocket PTY endpoints (wsUrl) and include a WebSocket PTY backend (server.ts) whose terminal output is consumed via onData and rendered in the terminal, meaning untrusted/third‑party shell output from remote WebSocket servers can be read and drive programmatic input/behavior.