ios-networking

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill includes multiple runtime patterns that fetch and ingest arbitrary external content—e.g., URLSession.data(from:), the APIClient request flow in references/urlsession-patterns.md, the WebSocket receive loop and TypedWebSocketTransport in references/background-websocket.md, and SSE parsing in urlsession-patterns.md—which clearly consume untrusted public/network-generated messages that the code decodes and uses to drive application behavior.