ros2-web-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md shows the bridge accepting untrusted HTTP/WebSocket client input (e.g., rosbridge connections and the FastAPI/WebSocket endpoints like /ws/commands, /api/robot/cmd_vel, /ws/camera, and rosbridge examples) and directly interpreting/executing those messages (publishing to /cmd_vel, calling services, setting parameters), so third-party user-provided content can influence agent actions.