llm-streaming-response-handler

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and streams responses from third-party LLM providers and arbitrary SSE endpoints (e.g., server-side patterns calling OpenAI/Anthropic in SKILL.md and the Vercel AI SDK "Streaming with Tools" pattern, plus scripts/stream_tester.ts that fetches user-specified endpoints), and those untrusted streamed outputs are parsed and used to update UI and even trigger tool/function calls, so external content can materially influence agent actions.