typescript-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and references show creating an ApplesauceRelayPool with public wss:// relay URLs and using RelayHandler.subscribe/onEvent to consume Nostr events (user-generated from public relays), and references/constants.md explicitly includes announcement methods like "prompts/list" and "tools/list" that the agent could interpret and act on, so untrusted third‑party content can influence behavior.