scene-runtime

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md and references/runtime-apis.md explicitly show using plain fetch/signedFetch and WebSocket to arbitrary public URLs (e.g., fetch('https://api.example.com/data'), new WebSocket('wss://your-server.com/ws')) and include workflows that parse JSON/config from those responses to initialize scene state (e.g., loadConfig -> fetchData(config.apiUrl) -> initializeScene), so untrusted third‑party content can be ingested and materially influence runtime behavior.